Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
By Socket Research Team - Dec 02, 2024
Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
@ampproject/toolbox-runtime-fetch
Advanced tools
AMP Download Runtime
The AMP Download Runtime tool fetches a complete, compiled AMP runtime and saves it to disk. You can use this tool to fetch AMP Project releases from cdn.ampproject.org or direct it to download an AMP runtime hosted elsewhere.
Special handling is included for amp-geo. For hosting environments that dynamically modify amp-geo.js when served, this tool restores the content to its unpatched state.
Installation
Install via:
npm install @ampproject/toolbox-runtime-fetch --save
Options
dest(requiredstring): Specify the destination directory where the AMP runtime should be saved. The runtime will be downloaded to an RTV-specific path underdest.clear(optionalboolean): Remove all contents from the destination directory before saving the AMP runtime. Defaults totrue.rtv(optionalstring): Specify the runtime version to download. Defaults to the latest production version available.ampUrlPrefix(optionalstring): Specify the URL where the AMP runtime is hosted. Defaults tohttps://cdn.ampproject.org.
Note: When downloading AMP Project releases, the runtime version (rtv) is obtained by prepending 01 (production) or 00 (canary) to the version. For example, the rtv for production release 2003101714470 is 012003101714470.
Usage
Basic usage:
const downloadRuntime = require('@ampproject/toolbox-runtime-fetch');
let result;
// Download the latest AMP Project release to /tmp/amp/rtv/<rtv>,
// where <rtv> is detected automatically
result = await downloadRuntime.getRuntime({
dest: '/tmp/amp' // Windows filesystem paths are also supported
});
// Download a specific version of the AMP runtime from Bing
result = await downloadRuntime.getRuntime({
dest: '/tmp/amp' // Windows filesystem paths are also supported
rtv: '011912201827130',
ampPrefixUrl: 'https://www.bing-amp.com'
});
/**
* The object returned from getRuntime() includes the success or failure status,
* as well as data about the AMP runtime that was downloaded:
* {
* status: {boolean} Overall AMP runtime download status
* error: {string} Error message on failure
* count: {number} Number of files in the AMP runtime
* url: {string} URL to AMP runtime
* dest: {string} Path to directory where AMP runtime was downloaded
* rtv: {string} Runtime version of AMP runtime
* }
*/
FAQs
Download the AMP runtime
We found that @ampproject/toolbox-runtime-fetch demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 16 open source maintainers collaborating on the project.
Package last updated on 09 Jun 2020
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Research
Typosquatting Cryptographic Libraries: Malicious npm Packages Threaten Crypto Developers with Keylogging and Wallet Theft
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
By Kirill Boychenko - Nov 27, 2024
Security News
Weekly Downloads Now Available in npm Package Search Results
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
By Sarah Gooding - Nov 26, 2024