
Research
/Security News
Weaponizing Discord for Command and Control Across npm, PyPI, and RubyGems.org
Socket researchers uncover how threat actors weaponize Discord across the npm, PyPI, and RubyGems ecosystems to exfiltrate sensitive data.
@capsulajs/capsulahub-workspace
Advanced tools
The core package of Capsulahub. Includes the implementation of Workspace, that inits the application and keeps track of service and widgets extensions
The main core service of Capsulahub, it is responsible for:
To install the package from NPM registry you should run
yarn add @capsulajs/capsulahub-workspace
or
npm install @capsulajs/capsulahub-workspace
You can get the default export from the link
https://capsulajs.s3.amazonaws.com/develop/capsulahub-workspace/index.js
WorkspaceFactory class.
The public API of Workspace.
Then you can create a Workspace as following:
import WorkspaceFactory, { API } from '@capsulajs/capsulahub-workspace';
const workspaceFactory = new WorkspaceFactory();
let workspace: API.Workspace;
workspaceFactory.createWorkspace({
token: 'http://localhost:3000/configuration/workspace.json',
configProvider: 'httpFile'
})
.then((response) => {
workspace = response;
console.log('The workspace has been created', workspace)
})
.catch((error) => {
console.log('an error has occurred while creating a workspace', error)
});
The documentation about public API.
Run
yarn doc
And open doc/index.html in browser.
An example of WorkspaceConfiguration:
{
"name": "baseWorkspace",
"services": [
{
"serviceName": "ServiceA",
"path": "http://localhost:3000/services/serviceA.js",
"definition": {
"serviceName": "ServiceA",
"methods": {
"greet": { "asyncModel": "requestResponse" }
}
},
"config": { "serviceName": "serviceA", "message": "what pill would you choose: red or blue?" }
},
{
"serviceName": "ServiceB",
"path": "http://localhost:3000/services/serviceB.js",
"definition": {
"serviceName": "ServiceB",
"methods": {
"getRandomNumbers": { "asyncModel": "requestStream" }
}
},
"config": { "serviceName": "serviceB" }
}
],
"components": {
"layouts": {
"capsulahub-root": {
"componentName": "web-grid",
"path": "http://localhost:3000/widgets/Grid.js",
"config": { "title": "Base Grid" }
}
},
"items": {
"request-form": {
"componentName": "web-request-form",
"path": "http://localhost:3000/widgets/RequestForm.js",
"config": { "title": "Base Request Form" }
}
}
}
}
Configuration can be changed in cdn-emulator package in "./src/configuration". The name of json file should always be workspace.json.
The extensions also can be changed in cdn-emulator package (don't forget to update configuration file after creating new extensions).
yarn build
Builds es-modules version (in lib folder) for NPM and bundle version (in dist folder) for CDN.
In order to open a simple example you should run localhost:3000 with extensions included there.
In order to do it you should go to cdn-emulator package:
cd ../cdn-emulator
And run:
yarn start
In a different terminal you should go to workspace package:
cd packages/workspace
And run:
yarn start
You will be able to open an example on localhost:1234.
This example is also being used for running Cypress tests on it.
If an error has happened while importing or bootstrapping of the extension, corresponding console.error will be shown.
Keep in mind, that if an error has happened before the registration of an extension, the promise of this this extension in ServicesMap or ComponentsMap will always stay in pending state.
CapsulaHub and related services are released under MIT Licence.
FAQs
The core package of Capsulahub. Includes the implementation of Workspace, that inits the application and keeps track of service and widgets extensions
The npm package @capsulajs/capsulahub-workspace receives a total of 1 weekly downloads. As such, @capsulajs/capsulahub-workspace popularity was classified as not popular.
We found that @capsulajs/capsulahub-workspace demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
/Security News
Socket researchers uncover how threat actors weaponize Discord across the npm, PyPI, and RubyGems ecosystems to exfiltrate sensitive data.
Security News
Socket now integrates with Bun 1.3’s Security Scanner API to block risky packages at install time and enforce your organization’s policies in local dev and CI.
Research
The Socket Threat Research Team is tracking weekly intrusions into the npm registry that follow a repeatable adversarial playbook used by North Korean state-sponsored actors.