Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@finos/generator-symphony
Advanced tools
Yeoman based generator for Symphony Bots and Applications:
Install the Yeoman utility and Symphony Generator
npm install -g yo @finos/generator-symphony
Create a new directory and go into it
mkdir myBot && cd myBot
Run Symphony Generator and follow instructions on screen
yo @finos/symphony
If you are behind a web proxy, use the https_proxy
environment variable to configure the address of your proxy server and port.
export https_proxy=http://localhost:3128
Symphony Generator will automatically fetch the latest version of BDKs/WDK and use it to generate your project. In case the request fails, it will fallback on a default version.
In case of a Java bot application, once the project is generated, the generator will try to download the chosen package manager wrapper to build the project. If for any reason (e.g. network constraint) the build fails, the generator will then try to build the project again by using local package manager.
NOTE: The generation process will continue no matter what the build status is.
git checkout -b feature/fooBar
)git commit -am 'Add some fooBar'
)git push origin feature/fooBar
)NOTE: Commits and pull requests to FINOS repositories will only be accepted from those contributors with an active, executed Individual Contributor License Agreement (ICLA) with FINOS OR who are covered under an existing and active Corporate Contribution License Agreement (CCLA) executed with FINOS. Commits from individuals not covered under an ICLA or CCLA will be flagged and blocked by the FINOS Clabot tool (or EasyCLA). Please note that some CCLAs require individuals/employees to be explicitly named on the CCLA.
Need an ICLA? Unsure if you are covered under an existing CCLA? Email help@finos.org
:warning: It is not recommended using the legacy generators, as the underlying libraries are not maintained anymore.
To generate legacy projects (.NET, NodeJS and legacy Java/Python SDKs), please run the following command:
npm install generator-symphony@1.7.7
or build your own version from the legacy
branch.
Copyright 2022 Symphony LLC
Distributed under the Apache License, Version 2.0.
SPDX-License-Identifier: Apache-2.0
FAQs
Generator to create Symphony BOT and Applications
We found that @finos/generator-symphony demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.