Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@embroider/addon-dev
Advanced tools
Utilities for working on v2 addons.
For a guide on porting a V1 addon to V2, see https://github.com/embroider-build/embroider/blob/main/docs/porting-addons-to-v2.md
@embroider/addon-dev/rollup
exports utilities for building addons with rollup. To use them:
Add the following devDependencies
to your addon:
Copy the ./sample-rollup.config.js
in this repo to your own rollup.config.js
.
Copy the ./sample-babel.config.json
in this repo to your own babel.config.json
.
The addon-dev
command helps with common tasks in v2 addons.
devDependencies
from an embedded test application out into
your addon's actual package.json(You can avoid the need for both of these if you keep your addon and its test app as separate packages in a monorepo instead.)
See the top-level CONTRIBUTING.md in this monorepo.
This project is licensed under the MIT License.
FAQs
Utilities for addon authors
We found that @embroider/addon-dev demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.