Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
typescript
Advanced tools
The TypeScript npm package is a superset of JavaScript that compiles to clean JavaScript output. It adds optional static typing to JavaScript, which can help with the development of large-scale applications and lead to more robust code. TypeScript is designed for the development of large applications and transcompiles to JavaScript.
Static Type Checking
TypeScript allows you to define types for your variables and function parameters, which helps catch errors at compile time rather than at runtime.
let isDone: boolean = false;
Classes and Interfaces
TypeScript supports modern JavaScript features like classes and interfaces, allowing for more structured and maintainable code.
class Animal {
name: string;
constructor(theName: string) { this.name = theName; }
move(distanceInMeters: number = 0) {
console.log(`${this.name} moved ${distanceInMeters}m.`);
}
}
Modules
TypeScript provides support for modules, enabling you to organize your code into separate files and manage dependencies more effectively.
import { ZipCodeValidator } from './ZipCodeValidator';
let myValidator = new ZipCodeValidator();
Generics
Generics enable you to create reusable components that work with a variety of types rather than a single one.
function identity<T>(arg: T): T {
return arg;
}
Advanced Types
TypeScript offers advanced types like intersection types, union types, and mapped types, which provide powerful ways to work with your data structures.
type Tree<T> = {
value: T;
left: Tree<T>;
right: Tree<T>;
};
Tooling Support
TypeScript integrates with many editors and provides features like autocompletion, type checking, and source navigation, enhancing the development experience.
n/a
Flow is a static type checker for JavaScript. It provides similar functionality to TypeScript, offering static typing in JavaScript, but it uses a different syntax and type system.
Babel preset for TypeScript allows Babel to parse and transpile TypeScript code. While Babel itself is mainly a JavaScript compiler, this preset brings TypeScript support to Babel's ecosystem.
CoffeeScript is a language that compiles into JavaScript. It provides syntactic sugar inspired by Ruby, Python, and Haskell to enhance JavaScript readability and brevity. It does not offer static typing but focuses on cleaner syntax.
Elm is a functional language that compiles to JavaScript. It emphasizes simplicity and quality tooling, and while it is not a direct alternative to TypeScript's type system, it offers strong typing and eliminates runtime exceptions.
Dart is an object-oriented, class-defined, garbage-collected language using a C-style syntax that transcompiles optionally into JavaScript. It includes static typing and is developed by Google, often used for building web and mobile applications.
TypeScript is a language for application-scale JavaScript. TypeScript adds optional types, classes, and modules to JavaScript. TypeScript supports tools for large-scale JavaScript applications for any browser, for any host, on any OS. TypeScript compiles to readable, standards-based JavaScript. Try it out at the playground, and stay up to date via our blog and Twitter account.
For the latest stable version:
npm install -g typescript
For our nightly builds:
npm install -g typescript@next
There are many ways to contribute to TypeScript.
This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.
In order to build the TypeScript compiler, ensure that you have Git and Node.js installed.
Clone a copy of the repo:
git clone https://github.com/Microsoft/TypeScript.git
Change to the TypeScript directory:
cd TypeScript
Install Gulp tools and dev dependencies:
npm install -g gulp
npm install
Use one of the following to build and test:
gulp local # Build the compiler into built/local
gulp clean # Delete the built compiler
gulp LKG # Replace the last known good with the built one.
# Bootstrapping step to be executed when the built compiler reaches a stable state.
gulp tests # Build the test infrastructure using the built compiler.
gulp runtests # Run tests using the built compiler and test infrastructure.
# You can override the host or specify a test for this command.
# Use host=<hostName> or tests=<testPath>.
gulp runtests-browser # Runs the tests using the built run.js file. Syntax is gulp runtests. Optional
parameters 'host=', 'tests=[regex], reporter=[list|spec|json|<more>]'.
gulp baseline-accept # This replaces the baseline test results with the results obtained from gulp runtests.
gulp lint # Runs tslint on the TypeScript source.
gulp help # List the above commands.
node built/local/tsc.js hello.ts
For details on our planned features and future direction please refer to our roadmap.
FAQs
TypeScript is a language for application scale JavaScript development
The npm package typescript receives a total of 60,892,007 weekly downloads. As such, typescript popularity was classified as popular.
We found that typescript demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 8 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.