Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
@contentful/app-sdk
Advanced tools
The App SDK (formerly known as UI Extensions SDK) is a JavaScript library that allows developers to create custom Contentful Apps for the Contentful Web App. Every Contentful App has to include the library in its source.
create-contentful-app
- CLI tool for developing apps without the hassle of managing build configurationscontentful-ui-extensions-sdk
at npmTechnical questions, feedback or feature request can be provided directly through the Github issues for this repository. However, if you are a paying customer or at any point business sensitive information needs to be discussed, then the conversation should be handled via our support system.
A new package version is automatically published to npm using semantic-release.
To manually publish the package, run npm run publish-all
.
This repository is published as two packages with identical data. We recommend using @contentful/app-sdk
.
@contentful/app-sdk
contentful-ui-extensions-sdk
This package has two main development streams: latest
and canary
.
The default and stable releases are always published under the latest
tag (as per npm convention).
The release under the canary
tag is to be considered unstable and potentially breaking.
You should not rely on it in production.
To start a new alpha version of the package follow these steps:
canary
branch.git reset --hard origin/main
canary
canary
.docs
Former home of the documentation and reference for this library. This is now deprecated and you should use links above.
lib
Includes the files constituting the SDK and the associated types.
Top level files are split by feature. Most of them map 1-to-1 to an API (keep reading for the outliers). When APIs are
considered too small to be in a separate file, they are part of the api
file.
channel
and signal
abstract the communication between an App and the host;locations
exports available location where you can run App;initialize
creates an initializer to start an App within Contentful's App Framework.All the typings are in the types
folder and they map 1-to-1 APIs, when they make sense.
The entities
file maps Contentful entities in TypeScript.
utils
includes utility types, meant to save on characters to type.
scripts
Includes utility tools for maintainers.
test
Includes unit tests (run by mocha)
FAQs
A JavaScript library to develop custom apps for Contentful
The npm package @contentful/app-sdk receives a total of 27,845 weekly downloads. As such, @contentful/app-sdk popularity was classified as popular.
We found that @contentful/app-sdk demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.