loader-utils
recheck
| loader-utils | recheck | |
|---|---|---|
| 2 | 3 | |
| 765 | 208 | |
| 0.1% | 0.5% | |
| 3.0 | 9.5 | |
| 5 days ago | 7 days ago | |
| JavaScript | Scala | |
| MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
loader-utils
-
Building a Custom YAML Loader for Webpack
Obtain the loader options by calling getOptions(loaderContext), which is a function provided by loader-utils. We default the return value of getOptions to an empty object literal in case the webpack config doesn't include the options hash.
-
ReDoS “Vulnerabilities” and Misaligned Incentives
ReDoS and Prototype Pollution vulnerabilities in Webpack (or other developer tool that only ever touches my code and my configs) were scored low severity, I would probably happily ignore them. But they keep popping up with High or Critical severities, with claimed "Network" attack vectors, which nobody can possibly imagine..
Some of them show up as severity 9.8/10 in GitHub vulnerability alerts and then you try to find out more details about them and it turns out it's actually non-exploitable (example here: https://github.com/webpack/loader-utils/issues/212#issuecomm... )
recheck
-
Protegendo sua API NodeJs contra ReDos Attack[Parte 3]
Recheck
-
ReDoS “Vulnerabilities” and Misaligned Incentives
I'm using a great ReDoS checker.
https://github.com/makenowjust-labs/recheck
I use the checker to basically fix even regular expressions that are not actually vulnerable. This checker can be used as a lint, so there is no excuse to allow regular lint but not regular expression lint. ReDoS hunt is very enjoyable. Enjoy!
-
I'm working on a regular expression reuse database. You can search with examples to find regexes that have already been written in other projects
Please run all of your RegExs into a reliable regex checker. Many of the ones I saw are vulnerable to Regular Expression Denial of Service (ReDoS) attacks because they are inefficient for large inputs. I've used https://github.com/makenowjust-labs/recheck to check all of my projects using a simple file walker to make sure all of my projects are safe so maybe you could also try using recheck.
What are some alternatives?
js-yaml - JavaScript YAML parser and dumper. Very fast.
scalajs-react - Facebook's React on Scala.JS
lodash - A modern JavaScript utility library delivering modularity, performance, & extras.
py - Python development support library (note: maintenance only)
schema-utils - Options Validation
Cortex - Cortex: a Powerful Observable Analysis and Active Response Engine
webpack - A bundler for javascript and friends. Packs many modules into a few bundled assets. Code Splitting allows for loading parts of the application on demand. Through "loaders", modules can be CommonJs, AMD, ES6 modules, CSS, Images, JSON, Coffeescript, LESS, ... and your custom stuff.
Scala.js - Scala.js, the Scala to JavaScript compiler
zio-json - Fast, secure JSON library with tight ZIO integration.