Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
typescript
Advanced tools
The TypeScript npm package is a superset of JavaScript that compiles to clean JavaScript output. It adds optional static typing to JavaScript, which can help with the development of large-scale applications and lead to more robust code. TypeScript is designed for the development of large applications and transcompiles to JavaScript.
Static Type Checking
TypeScript allows you to define types for your variables and function parameters, which helps catch errors at compile time rather than at runtime.
let isDone: boolean = false;
Classes and Interfaces
TypeScript supports modern JavaScript features like classes and interfaces, allowing for more structured and maintainable code.
class Animal {
name: string;
constructor(theName: string) { this.name = theName; }
move(distanceInMeters: number = 0) {
console.log(`${this.name} moved ${distanceInMeters}m.`);
}
}
Modules
TypeScript provides support for modules, enabling you to organize your code into separate files and manage dependencies more effectively.
import { ZipCodeValidator } from './ZipCodeValidator';
let myValidator = new ZipCodeValidator();
Generics
Generics enable you to create reusable components that work with a variety of types rather than a single one.
function identity<T>(arg: T): T {
return arg;
}
Advanced Types
TypeScript offers advanced types like intersection types, union types, and mapped types, which provide powerful ways to work with your data structures.
type Tree<T> = {
value: T;
left: Tree<T>;
right: Tree<T>;
};
Tooling Support
TypeScript integrates with many editors and provides features like autocompletion, type checking, and source navigation, enhancing the development experience.
n/a
Flow is a static type checker for JavaScript. It provides similar functionality to TypeScript, offering static typing in JavaScript, but it uses a different syntax and type system.
Babel preset for TypeScript allows Babel to parse and transpile TypeScript code. While Babel itself is mainly a JavaScript compiler, this preset brings TypeScript support to Babel's ecosystem.
CoffeeScript is a language that compiles into JavaScript. It provides syntactic sugar inspired by Ruby, Python, and Haskell to enhance JavaScript readability and brevity. It does not offer static typing but focuses on cleaner syntax.
Elm is a functional language that compiles to JavaScript. It emphasizes simplicity and quality tooling, and while it is not a direct alternative to TypeScript's type system, it offers strong typing and eliminates runtime exceptions.
Dart is an object-oriented, class-defined, garbage-collected language using a C-style syntax that transcompiles optionally into JavaScript. It includes static typing and is developed by Google, often used for building web and mobile applications.
TypeScript is a language for application-scale JavaScript. TypeScript adds optional types to JavaScript that support tools for large-scale JavaScript applications for any browser, for any host, on any OS. TypeScript compiles to readable, standards-based JavaScript. Try it out at the playground, and stay up to date via our blog and Twitter account.
Find others who are using TypeScript at our community page.
For the latest stable version:
npm install -g typescript
For our nightly builds:
npm install -g typescript@next
There are many ways to contribute to TypeScript.
This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.
In order to build the TypeScript compiler, ensure that you have Git and Node.js installed.
Clone a copy of the repo:
git clone https://github.com/microsoft/TypeScript.git
Change to the TypeScript directory:
cd TypeScript
Install Gulp tools and dev dependencies:
npm install -g gulp
npm ci
Use one of the following to build and test:
gulp local # Build the compiler into built/local.
gulp clean # Delete the built compiler.
gulp LKG # Replace the last known good with the built one.
# Bootstrapping step to be executed when the built compiler reaches a stable state.
gulp tests # Build the test infrastructure using the built compiler.
gulp runtests # Run tests using the built compiler and test infrastructure.
# Some low-value tests are skipped when not on a CI machine - you can use the
# --skipPercent=0 command to override this behavior and run all tests locally.
# You can override the specific suite runner used or specify a test for this command.
# Use --tests=<testPath> for a specific test and/or --runner=<runnerName> for a specific suite.
# Valid runners include conformance, compiler, fourslash, project, user, and docker
# The user and docker runners are extended test suite runners - the user runner
# works on disk in the tests/cases/user directory, while the docker runner works in containers.
# You'll need to have the docker executable in your system path for the docker runner to work.
gulp runtests-parallel # Like runtests, but split across multiple threads. Uses a number of threads equal to the system
# core count by default. Use --workers=<number> to adjust this.
gulp baseline-accept # This replaces the baseline test results with the results obtained from gulp runtests.
gulp lint # Runs eslint on the TypeScript source.
gulp help # List the above commands.
node built/local/tsc.js hello.ts
For details on our planned features and future direction please refer to our roadmap.
FAQs
TypeScript is a language for application scale JavaScript development
We found that typescript demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 8 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.