Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
github.com/Rokannon/Crossbridge-Recast-Navigation
This project is a FlasCC port to ActionScript 3.0 of C++ navigation mesh library Recast Navigation by Mikko Mononen.
In order to integrate the library with your project simply add as3_lib/bin/Crossbridge-Recast-Navigation.swc
to it's library path.
Live demo in Flash featuring some of Recast Navigation capabilities is available here. It's source code can be found in demo
folder.
To build demo from source you need to add demo/src
and demo/themes
folders to source path, add lib
folder to library path. You can use html template from demo/html-template
folder or use your own, but don't forget to set wmode
parameter to "direct"
as it is required by Starling Stage 3D rendering. Input geometry meshes are in demo/meshes
folder.
FlasCC compiler is used to generate swc library with internal API which is further used in final AS3 library project providing easy to understand AS3 API. Final product preserves original API as much as it's possible.
Using FlasCC compiler you can manually expose C++ functions to AS3. Study this example to understand how it's done. Internal API creation code is in folder as3_internal_api
. To build as3_internal_api.swc
run crossbridge_compile.sh
from Crossbridge environment. You can also run crossbridge_launcher.bat
providing it with path to Crossbridge folder as an argument.
Final AS3 library wraps internal API methods and C++ structures and classes. It creates simple AS3 classes and functions so it can be easily used in standard AS3 workflows. Most recent version of it is always available in as3_lib/bin
folder. But you can build it yourself. You need to create an AS3 library project with source from as3_lib
folder and add as3_internal_api/as3_internal_api.swc
as a library. You can also add -inline
as an additional compiler options.
FAQs
Unknown package
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.