Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
vscode-nls
Advanced tools
The vscode-nls package is a localization library designed for use with Visual Studio Code extensions. It provides a simple way to localize strings in your extension, making it easier to support multiple languages.
Initialization
This feature allows you to initialize the localization library with a specific locale. The `config` method sets up the locale and returns a function that can be used to localize strings.
const nls = require('vscode-nls');
const localize = nls.config({ locale: 'en' })();
Localizing Strings
This feature allows you to localize strings using a key and a default message. The `localize` function takes a key and a default message, and returns the localized string based on the current locale.
const message = localize('key', 'Default message');
Loading Message Bundles
This feature allows you to load message bundles for localization. The `loadMessageBundle` method loads the message bundle for the current locale, which can then be used to localize strings.
const nls = require('vscode-nls');
const localize = nls.loadMessageBundle();
i18next is a popular internationalization framework for JavaScript. It provides a comprehensive set of features for localization, including support for multiple languages, pluralization, and interpolation. Compared to vscode-nls, i18next is more feature-rich and can be used in a variety of environments, not just Visual Studio Code extensions.
react-intl is a library for internationalizing React applications. It provides components and APIs for formatting dates, numbers, and strings, as well as handling pluralization and translations. While vscode-nls is focused on Visual Studio Code extensions, react-intl is specifically designed for use with React applications.
Globalize is a library for internationalization and localization in JavaScript. It provides support for formatting and parsing dates, numbers, and currencies, as well as message translation. Globalize is more general-purpose compared to vscode-nls, which is tailored for Visual Studio Code extensions.
CommonJS module to support externalization and localization. The module only depends on Node.js however its primary use case is for VSCode extensions.
// This must be the first import in the main entry file
import * as nls from 'vscode-nls';
let localize = nls.config({ locale: 'de-DE' })();
console.log(localize('keyOne', "Hello World"));
console.log(localize('keyTwo', "Current Date {0}", Date.now()));
The config
call configures the nls module and should only be called once in the applications entry point. You pass in the locale you want to use and whether the resolved locale should be cached for all further calls. The config call returns a function which is used to load a message bundle. During development time the argument should stay empty. There is another tool that helps extracting the message from your sources and it creates the message bundles automatically for you. The tool is available here.
In secondary modules loaded from the 'main' module no configuration is necessary. However you still need to load the nls module and load the message bundle. This looks like this:
// In secondary file this import can be at random places.
import * as nls from 'vscode-nls';
let localize = nls.loadMessageBundle();
console.log(localize('keyOne', "Hello World"));
During development time the strings in the code are presented to the user. If the locale is set to 'pseudo' the messages are modified in the following form:
nls.config({...})
on web. Context in this PR by @a-stewartvscode-nls\node
. To use the browser specific part import vscode-nls\browser
.The browser specific part currently does only support a default language inline in code. There is no support yet to load a different language bundle during runtime. However the split allows to web pack the vscode-nls
module.
VSCODE_NLS_CONFIG
setting.localize
function to string | number | boolean | null | undefined
nls.bundle(.${locale})?.json
file.FAQs
NPM module to externalize and localize VSCode extensions
The npm package vscode-nls receives a total of 1,217,973 weekly downloads. As such, vscode-nls popularity was classified as popular.
We found that vscode-nls demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 10 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.