Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@frontity/file-settings
Advanced tools
A settings package for Frontity that uses a frontity.settings.js file.
This package is used to import the Frontity settings from a local file.
You can install it with npm
:
npm i @frontity/file-settings
Here is a small example of how to use getSettings
:
import { getSettings } from "@frontity/file-settings";
const settings = await getSettings({
name: "example-name",
url: "https://example.site"
});
async getSettings(options) => settings
Used to retrieve the settings from the frontity.settings.js
file.
options
: { name?: string; url: string; }
Used to match the right set of settings when there is more than one.
options.name
: string (optional)
The name of the set of settings you want to retrieve. When provided, getSettings
won't use options.url
.
options.url
: string
The url of the site using Frontity. The matches
field of each set of settings will be tested against this url to determine which set of settings should be used.
settings
: Settings
An object with type Settings
containing a set of settings.
async getAllSites() => sites
Used to retrieve all the sites with its name, mode and packages.
Sites: { name: string; mode: string; packages: string[]; }[]
An array of sites containing name, mode and packages.
[
{
name: "my-site-1",
mode: "html",
packages: ["package-1", "package-2"]
},
{
name: "my-site-1-amp",
mode: "amp",
packages: ["package-1", "package-3"]
},
{
name: "my-site-2",
mode: "html",
packages: ["package-1", "package-2"]
}
];
The file must be located in the root directory of the project, it must be named frontity.settings.ts
or frontity.settings.js
, and it needs to export a serializable object.
The settings exported can be mono settings (only one):
{
name?: string;
match?: string[];
mode?: string; // Default: "html"
state?: object,
packages: [
string,
{
name: string;
active?: boolean; // Default: true
state?: object;
}
]
}
Or multi settings:
// An array of more than one set of settings.
[
{
name: string; // Here name is mandatory and must be unique.
match?: string[];
mode?: string; // Default: "html"
state?: { ... },
packages: [ ... ]
},
{
name: string; // Here name is mandatory and must be unique.
match?: string[];
mode?: string; // Default: "html"
state?: { ... },
packages: [ ... ]
}
]
The Settings
interface is exposed to be used in development. It can be accessed like this:
import { Settings } from "@frontity/file-settings";
const settings: Settings = { ... };
Settings<T = Package>
Types for the imported settings object from the settings file. You'll want to use them on your frontity.settings.ts
file.
FAQs
A settings package for Frontity that uses a frontity.settings.js file.
The npm package @frontity/file-settings receives a total of 178 weekly downloads. As such, @frontity/file-settings popularity was classified as not popular.
We found that @frontity/file-settings demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.