Research
Two Malicious Rust Crates Impersonate Popular Logger to Steal Wallet Keys
Socket uncovers malicious Rust crates impersonating fast_log to steal Solana and Ethereum wallet keys from source code.
By Kirill Boychenko - Sep 24, 2025
@contentful/experiences-core
Advanced tools
- Version
- 3.7.0-dev-20250917T1515-4c340b9.0
- Version published
- Weekly downloads
- 7.4K 37.22%
- Maintainers
- 4
Weekly downloads
- Created
@contentful/experiences-core
Private Package Notice
Note: This package is not meant to be used directly by the end user. It is a dependency for the Studio Experiences packages. Changes to this package are not guaranteed to follow semantic versioning and may break without notice if used directly.
Purpose
- To contain shared code and utilities across the Experiences packages such as constants, types, transformers, and hooks.
- This means additions to core should be framework agnostic. For example, code that is only compatible with React does not belong in the core package.
Concepts
- Deep binding: Relates to the ability to resolve multiple references. Such an entry containing a reference to another entry which may also contain a reference to another entry and so on.
- Component definition Baseline definition to outline what is needed to define all component types whether it is a structure, built-in, or custom component.
- Entity: Contentful entries that get converted into an experience object that can be used within the experiences packages.
- Fetchers: The helper classes and functions in the Entity directory get consumed by the fetchers which get bundled up into either
fetchBySlugorfetchById. The listed fetchers are the two main functions that are exposed to the end user in the SDK to fetch a user's experience which is stored in Contentful as an entry. - Registries: An in-memory storage technique that the user can decide to provide for themselves or other personas in the editor canvas. Design tokens is an useful example where a user can provide their own thematic values with regards to text size, component sizes, spacing, colors, and borders in a JSON format that is resolved by the registry and provided as options in the UI editor sidebar.
- Exporting types and constants: Notice in the
package.jsonthere is atypesVersionsdefinition that separates the constants and types as separated bundled packages where the rollup is defined in therollup.config.mjsfile. This effectively means in practice consuming the types and constants have different imports - namely@contentful/experiences-core/constantsand@contentful/experiences-core/types.
Relevant Contentful documentation links
FAQs
## Private Package Notice
The npm package @contentful/experiences-core receives a total of 5,858 weekly downloads. As such, @contentful/experiences-core popularity was classified as popular.
We found that @contentful/experiences-core demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Package last updated on 17 Sep 2025
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Malicious fezbox npm Package Steals Browser Passwords from Cookies via Innovative QR Code Steganographic Technique
A malicious package uses a QR code as steganography in an innovative technique.
By Olivia Brown - Sep 22, 2025
Research
/Security News
Identifying and Preventing Fraudulent Engineering Candidates: An Investigation into 80 Confirmed Cases
Socket identified 80 fake candidates targeting engineering roles, including suspected North Korean operators, exposing the new reality of hiring as a security function.
By Lauren Valencia, Kirill Boychenko - Sep 17, 2025