Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@fluid-experimental/fluid-static
Advanced tools
A tool to enable consumption of Fluid Data Objects without requiring custom container code.
The fluid-static
package provides a simple and powerful way to consume collaborative Fluid data.
This package is marked as experimental and currently under development. The API surface is currently under going drastic braking changes with no guarantees on compatibility.
The fluid-static
package contains a container with a pre-created default data object with the ability to create and store additional objects. This is abstracted behind a developer-friendly FluidContainer
interface that provides configurations for defining the container's initial object and supported dynamic object types, as well as callbacks for creating and fetching DDSes and data objects.
This is consumed by separate client packages, such as TinyliciousClient for the Tinylicious service, to provide an easy way of creating and fetching FluidContainer instances that are backed by data stored on the respective services.
FAQs
A tool to enable consumption of Fluid Data Objects without requiring custom container code.
We found that @fluid-experimental/fluid-static demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.