Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
@ampproject/toolbox-runtime-fetch
Advanced tools
The AMP Download Runtime tool fetches a complete, compiled AMP runtime and saves it to disk. You can use this tool to fetch AMP Project releases from cdn.ampproject.org
or direct it to download an AMP runtime hosted elsewhere.
Special handling is included for amp-geo. For hosting environments that dynamically modify amp-geo.js
when served, this tool restores the content to its unpatched state.
Install via:
npm install @ampproject/toolbox-runtime-fetch --save
dest
(required string
): Specify the destination directory where the AMP runtime should be saved. The runtime will be downloaded to an RTV-specific path under dest
.clear
(optional boolean
): Remove all contents from the destination directory before saving the AMP runtime. Defaults to true
.rtv
(optional string
): Specify the runtime version to download. Defaults to the latest production version available.ampUrlPrefix
(optional string
): Specify the URL where the AMP runtime is hosted. Defaults to https://cdn.ampproject.org
.Note: When downloading AMP Project releases, the runtime version (rtv
) is obtained by prepending 01
(production) or 00
(canary) to the version. For example, the rtv
for production release 2003101714470
is 012003101714470
.
Basic usage:
const downloadRuntime = require('@ampproject/toolbox-runtime-fetch');
let result;
// Download the latest AMP Project release to /tmp/amp/rtv/<rtv>,
// where <rtv> is detected automatically
result = await downloadRuntime.getRuntime({
dest: '/tmp/amp' // Windows filesystem paths are also supported
});
// Download a specific version of the AMP runtime from Bing
result = await downloadRuntime.getRuntime({
dest: '/tmp/amp' // Windows filesystem paths are also supported
rtv: '011912201827130',
ampPrefixUrl: 'https://www.bing-amp.com'
});
/**
* The object returned from getRuntime() includes the success or failure status,
* as well as data about the AMP runtime that was downloaded:
* {
* status: {boolean} Overall AMP runtime download status
* error: {string} Error message on failure
* count: {number} Number of files in the AMP runtime
* url: {string} URL to AMP runtime
* dest: {string} Path to directory where AMP runtime was downloaded
* rtv: {string} Runtime version of AMP runtime
* }
*/
v2.7.2 (2020-12-15)
optimizer
linter
optimizer
cache-url
linter
, optimizer
FAQs
Download the AMP runtime
The npm package @ampproject/toolbox-runtime-fetch receives a total of 35 weekly downloads. As such, @ampproject/toolbox-runtime-fetch popularity was classified as not popular.
We found that @ampproject/toolbox-runtime-fetch demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 16 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.