Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@ekidpro/bridge
Advanced tools
// TODO
Tạo mới project với CRA theo LINK
Thêm homepage vào trong package.json thành:
{
...
"homepage": "."
...
}
Nếu trong project đang sử dụng React Router vui lòng sử dụng HashRouter
thay cho BrowserRouter
$ import { HashRouter } from "react-router-dom";
$ npm run build
OR
$ yarn build
Sau đó zip folder build rồi up lên CMS
// TODO: Hướng dẫn up build lên cms
$ npm install --save @ekidpro/web
Hoặc
$ yarn add @ekidpro/web
// TODO:
import { controller } from '@ekidpro/web'
...
controller.start()
...
controller.stop()
...
Example:
useEffect(() => {
controller.start();
return () => {
controller.stop();
};
}, []);
// TODO: Danh sách event sẽ được cập nhật sau
import {Listener} from '@ekidpro/web';
const listener = Listener.start();
listener.onNetworkChange = e => {
console.log(e);
};
listener.onOrientationChange = e => {
console.log(e);
};
Example:
useEffect(() => {
const listener = Listener.start();
listener.onNetworkChange = (e) => {
console.log(e);
};
listener.onOrientationChange = (e) => {
console.log(e);
};
return () => listener.stop();
}, []);
import {command} from '@ekidpro/web';
command.device.getDeviceInfo() => Promise
command.userinfo.getUserInfo() => Promise
command.userinfo.scanQr() => Promise
command.device.setButtonStatus() => Promise<'show' | 'hidden'>
command.device.setStatusBarStyle() => Promise<'default' | 'light-content' | 'dark-content'>
command.device.goBack() => Promise
window.ekp.emitter;
Đây là object Emitter dành cho việc giao tiếp. Nếu như khó trong việc quản lý state, việc thay đổi emitter thành object|events khác hoàn toàn khả thi.
First example:
const handler = data => console.log(data);
window.ekp.emitter.add('INSETS_CHANGE', handler);
// Later
// IMPORTANT: do not forget to remove handler
window.ekp.emitter.remove('INSETS_CHANGE', handler);
FAQs
Bridge between ekidpro app with website
The npm package @ekidpro/bridge receives a total of 2 weekly downloads. As such, @ekidpro/bridge popularity was classified as not popular.
We found that @ekidpro/bridge demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.