Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
@builder.io/forum-tracking
Advanced tools
This is an extremely simple NPM package that is meant primarily to be used with Unpkg's CDN to add quick tracking to our [forum](https://forum.builder.io/) pages.
Readme
This is an extremely simple NPM package that is meant primarily to be used with Unpkg's CDN to add quick tracking to our forum pages.
First we need to create a keys.json
file with this shape:
{
"MIXPANEL_PUBLIC_KEY": "some-random-api-key-here-for-mixpanel",
"AMPLITUDE_PUBLIC_KEY": "some-random-api-key-here-for-amplitude",
"SOMESERVICE_PUBLIC_KEY" "you-get-the-idea"
}
(Right now only MIXPANEL_PUBLIC_KEY
and AMPLITUDE_PUBLIC_KEY
are required).
Then run:
$ npm install
$ npm run build
Once you are properly authenticated with the npm
CLI tool, increment the version
field in package.json
and then just run:
$ npm publish
The version number has to change every time we publish; NPM won't let us overwrite existing versions.
Then, go to the forum's theme settings, edit its HTML/CSS, and add/replace this in the </body>
section:
<script src="//unpkg.com/@builder.io/forum-tracking@<VERSION>/dist/index.browser.js" async defer></script>
where <VERSION>
is the version number in package.json
.
FAQs
This is an extremely simple NPM package that is meant primarily to be used with Unpkg's CDN to add quick tracking to our [forum](https://forum.builder.io/) pages.
The npm package @builder.io/forum-tracking receives a total of 305 weekly downloads. As such, @builder.io/forum-tracking popularity was classified as not popular.
We found that @builder.io/forum-tracking demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.