Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@dac-software/front-configuration-pl
Advanced tools
Main purpose of this library is to aggregate all frontend UI libraries, their configuration and compile to proper bundles. Library serves all frontend related assets, such as js, css, font, images files.
Main purpose of this library is to aggregate all frontend UI libraries, their configuration and compile to proper bundles. Library serves all frontend related assets, such as js, css, font, images files.
Installing depedencies
npm install
Build production library files
npm run build
Build process creates dist directory which should be used as symlink in main (backend) project.
Library is third party lib for qarson multipage system. Allows to use webpack-dev-server with its features in range of backend project.
To work with code in configured development process you need to do few steps:
Link current library (be aware of used the same node version in all)
npm link
Run webpack dev server
npm run start:dev
Move to main backend project and link this library
npm link @dac-software/front-configuration-pl
For manual tests purposes library should be published on npm with -dev tag (TODO learn the process)
npm login
npm publish --access=public
FAQs
Main purpose of this library is to aggregate all frontend UI libraries, their configuration and compile to proper bundles. Library serves all frontend related assets, such as js, css, font, images files.
The npm package @dac-software/front-configuration-pl receives a total of 32 weekly downloads. As such, @dac-software/front-configuration-pl popularity was classified as not popular.
We found that @dac-software/front-configuration-pl demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.