Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@devtools-ds/create
Advanced tools
This is a package of browser extension templates, which removes a majority of the usual boilerplate needed to get started. We're still working on adding more templates, and simplifying the developer experience. If you see an area to improve, feel free to
This is a package of browser extension templates, which removes a majority of the usual boilerplate needed to get started. We're still working on adding more templates, and simplifying the developer experience. If you see an area to improve, feel free to contribute!
Goals for templates:
npm init @devtools-ds
Instructions for development will be included in the README.md
for your chosen template.
MDN has a great guide outlining the major components of a browser extension. We recommend taking some time to understand the pieces, but ideally the templates will allow you to focus on your extension code instead of browser APIs.
Many of the high-level pieces are provided for you in our template:
To learn more about Firefox extensions, web-ext, and the webextension-polyfill library that enables cross-browser extension development check out the Firefox extension workshop site.
To learn more about Chrome-specific development, visit the chrome developers site!
FAQs
This is a package of browser extension templates, which removes a majority of the usual boilerplate needed to get started. We're still working on adding more templates, and simplifying the developer experience. If you see an area to improve, feel free to
We found that @devtools-ds/create demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.