Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
org.graalvm.visualvm.api:org-graalvm-visualvm-heapdump
Advanced tools
VisualVM is a visual tool integrating commandline JDK tools and lightweight profiling capabilities.
VisualVM is a visual tool integrating commandline JDK tools and lightweight profiling capabilities. See https://visualvm.github.io for details, downloads and documentation.
Use Apache Ant 1.9.15 or above and Oracle JDK 8 to build VisualVM from this repository.
First download or clone this repository into directory visualvm
. There are two project suites included:
visualvm/visualvm
) - suite for the core VisualVM toolvisualvm/plugins
) - suite for the VisualVM plugins available in Plugins CenterThen download and extract the NetBeans Platform 22 into directory visualvm/visualvm
(should create visualvm/visualvm/netbeans
).
To build VisualVM, use ant build-zip
command in the visualvm/visualvm
directory.
To run VisualVM, use ant run
command in the visualvm/visualvm
directory.
To build or run the plugins suite, use ant build
or ant run
in the visualvm/plugins
directory. This will automatically build the zip distribution of the core VisualVM tool into visualvm/visualvm/dist/visualvm.zip
and extract it into the visualvm/plugins/visualvm
directory. After that the build of the plugins suite continues to build each of the individual plugins. Running the plugins suite means starting VisualVM with all the plugins installed.
Generate the Maven artifacts
First prepare the binaries:
visualvm.zip
file in visualvm/dist
.ant nbms
. This will generate a folder build/updates
containing all the NBMs.To generate the artifacts use org.apache.netbeans.utilities:nb-repository-plugin
. Make sure the current directory is still visualvm/visualvm
.
To install the artifacts into your local repository use the following command:
mvn \
-DnetbeansInstallDirectory=dist/visualvm \
-DnetbeansNbmDirectory=build/updates \
-DgroupIdPrefix=org.graalvm.visualvm \
-DforcedVersion=RELEASE2110 \
org.apache.netbeans.utilities:nb-repository-plugin:populate
To publish the artifacts into a remote repository use the following command:
mvn
-DnetbeansInstallDirectory=dist/visualvm \
-DnetbeansNbmDirectory=build/updates \
-DgroupIdPrefix=org.graalvm.visualvm \
-DforcedVersion=RELEASE2110 \
-DdeployUrl=<URL to the remote repo> \
-DdeployId=<repository id referenced in your settings.xml> \
-DskipInstall=true \
org.apache.netbeans.utilities:nb-repository-plugin:populate
For more information about nb-repository-plugin
see https://bits.netbeans.org/mavenutilities/nb-repository-plugin/index.html
We highly appreciate any feedback! Please let us know your ideas, missing features, or bugs found. Either file a RFE/bug or leave us a message. For legal reasons, we cannot accept external pull requests. See CONTRIBUTING for details.
Please consult the security guide for our responsible security vulnerability disclosure process
Copyright (c) 2017, 2023 Oracle and/or its affiliates. Released under the GNU General Public License, version 2, with the Classpath Exception.
FAQs
Unknown package
We found that org.graalvm.visualvm.api:org-graalvm-visualvm-heapdump demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.