Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
github.com/4ydx/fresh
# Fresh
Fresh is a command line tool that builds and (re)starts your web application everytime you save a Go or template file.
If the web framework you are using supports the Fresh runner, it will show build errors on your browser.
It currently works with Traffic, Martini and gocraft/web.
go get github.com/pilu/fresh
cd /path/to/myapp
Start fresh:
fresh
Fresh will watch for file events, and every time you create/modifiy/delete a file it will build and restart the application.
If go build
returns an error, it will log it in the tmp folder.
Traffic already has a middleware that shows the content of that file if it is present. This middleware is automatically added if you run a Traffic web app in dev mode with Fresh.
Check the _examples
folder if you want to use it with Martini or Gocraft Web.
fresh
uses ./runner.conf
for configuration by default, but you may specify an alternative config filepath using -c
:
fresh -c other_runner.conf
Here is a sample config file with the default settings:
root: .
tmp_path: ./tmp
build_name: runner-build
build_log: runner-build-errors.log
valid_ext: .go, .tpl, .tmpl, .html
build_delay: 600
colors: 1
log_color_main: cyan
log_color_build: yellow
log_color_runner: green
log_color_watcher: magenta
log_color_app:
git checkout -b my-new-feature
)git commit -am 'Add some feature'
)git push origin my-new-feature
)FAQs
Unknown package
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.