Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@enterprise-cmcs/macpro-security-hub-sync
Advanced tools
NPM module to create Jira issues for all findings in Security Hub for the current AWS account..
This package syncs AWS Security Hub Findings to Jira.
The SecurityHubJiraSyncOptions class's main function is sync. The sync process follows this process: Step 1. Get all open Security Hub issues from Jira Step 2. Get all current findings from Security Hub Step 3. Close existing Jira issues if their finding is no longer active/current Step 4. Create Jira issue for current findings that do not already have a Jira issue
To install the package run the following command:
npm install --save-dev @enterprise-cmcs/macpro-security-hub-sync
or
yarn add --dev @enterprise-cmcs/macpro-security-hub-sync
After installing the package in your project include this import statement
import { SecurityHubJiraSync } from "@enterprise-cmcs/macpro-security-hub-sync";
With SecurityHubJiraSync imported you can now execute it like:
await new SecurityHubJiraSync({ region = "us-east-1", severities: ["MEDIUM"] }).sync();
Found a bug, want to help with updating the docs or maybe you want to help add a feature. Refer to our contribution documentation for more information: Documentation
yarn link
(note, when testing is complete, run yarn unlink
)
that will return output like:yarn link v1.22.19
warning ../../../package.json: No license field
success Registered "@enterprise-cmcs/macpro-security-hub-sync".
info You can now run `yarn link "@enterprise-cmcs/macpro-security-hub-sync"` in the projects where you want to use this package and it will be used instead.
✨ Done in 0.06s.
In your local yarn project that will be using the macpro-security-hub-sync package, run:
rm -rf node_modules
yarn link "@enterprise-cmcs/macpro-security-hub-sync"
that will return output like:yarn link v1.22.19
warning ../../../package.json: No license field
success Using linked package for "@enterprise-cmcs/macpro-security-hub-sync".
✨ Done in 0.05s.
yarn install
yarn unlink "@enterprise-cmcs/macpro-security-hub-sync"
See LICENSE for full details.
FAQs
NPM module to create Jira issues for all findings in Security Hub for the current AWS account..
The npm package @enterprise-cmcs/macpro-security-hub-sync receives a total of 54 weekly downloads. As such, @enterprise-cmcs/macpro-security-hub-sync popularity was classified as not popular.
We found that @enterprise-cmcs/macpro-security-hub-sync demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.