
Research
Malicious npm Packages Impersonate Flashbots SDKs, Targeting Ethereum Wallet Credentials
Four npm packages disguised as cryptographic tools steal developer credentials and send them to attacker-controlled Telegram infrastructure.
@bitrise/bitviz
Advanced tools
A collection of low level components for building rich and flexible visualisations
Library for React Visualisation components
git clone git@github.com:bitrise-io/bitviz.git
cd bitviz
yarn install
$ yarn build
Builds the library and site
$ yarn lint
Runs Javascript linting
$ yarn serve
Serves up the static files built for the site
$ yarn start
Runs the developlement server and site
$ yarn test
Runs the unit tests for the library components
This project is following continuous deployment using Bitrise CI 🙌 with Netlify for branch deploys.
Bitiz uses a strict commit message structure that follows the Conventional Commits spec. This is used to automate publishing the package to NPM and generating the changelog with Semantic Release.
FAQs
A collection of low level components for building rich and flexible visualisations
We found that @bitrise/bitviz demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 8 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Four npm packages disguised as cryptographic tools steal developer credentials and send them to attacker-controlled Telegram infrastructure.
Security News
Ruby maintainers from Bundler and rbenv teams are building rv to bring Python uv's speed and unified tooling approach to Ruby development.
Security News
Following last week’s supply chain attack, Nx published findings on the GitHub Actions exploit and moved npm publishing to Trusted Publishers.