Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
com.github.cage433:maker-test-reporter_2.11
Advanced tools
Maker is a scala build tool, written out of frustration with the complexity of SBT. It performs similar tasks, namely compile, test, publish etc - however it isn't a monad transformation tool and has no DSL. Its aim is simply to speed up the code/compile/test cycle.
Download and run the script maker.py in the directory in which your project will live. You will be prompted for the name of your project, and a minimal config file will be created at ./maker/Project.scala.
This specifies for each module its dependencies, both external and on other modules.
A project is a collection of modules, a module being a unit of compilation. A very simple codebase may just consist of a single module, note however that only projects can be published - modules cannot.
A module contains source files, test files and resources, has external dependencies, and may also depend on 'upstream' modules. By default the layout used is the maven standard, however you may notice that the maker codebase does not follow this - purely as I consider the standard to be an ugly, verbose java idiom. If you care to join me in this struggle then mix in the ClassicLayout trait and structure your projects thus :-
project/module-a/src/
module-a/tests/
module-a/resources
module-a/test-resources
project/module-b/src/
module-b/tests/
module-b/resources
module-b/test-resources
project/Project.scala
The project file, Project.scala, defines the modules and any dependencies between them.
Having created a project file, simply run the script maker.git/bin/maker.sh - this will bootstrap maker, load the project file, and launch the scala repl.
Having launched the repl Maker can perform the usual tasks one would expect from a build tool. The syntax is simply project-or-module.task
. Available tasks include update
, compile
, testCompile
, test
, package
, publish
.
Maker knows the dependencies between tasks, both across tasks of different types (e.g. compile
must be executed before testCompile
) and also taking into account module dependencies (all upstream compilation must succeed before any module is compiled).
FAQs
A scala build tool
We found that com.github.cage433:maker-test-reporter_2.11 demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.