Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
@gliff-ai/annotate
Advanced tools
gliff.ai ANNOTATE - a user friendly browser interface for annotating multidimensional images for machine learning
π Welcome in! π
This repository contains the Open Source code for gliff.aiβs ANNOTATE product.
ANNOTATE aims to allow domain experts to easily and efficiently annotate multidimensional images - embedding their knowledge - for the purposes of developing imaging AI products. ANNOTATE is just one part of gliff.aiβs growing privacy-preserving MLOps (Machine Learning Operations) platform. When the full gliff.ai platform is used, ANNOTATE provides just one step in developing high-quality and auditable datasets that satisfy any relevant regulatory frameworks which enables our users to build world-changing and trustworthy AI models and products.
A preview build of the current main
branch is here. Built from the annotate/examples
folder on the main
branch.
β We welcome contributions on this repository! β
Looking for something specific? π
Run npm install @gliff-ai/annotate
in your command line to install the package from the npm registry.
Frontend code should always be written in Typescript and transpiled using the options in tsconfig.json
in this repository. npm should always be used for package management.
npm run serve
will run a local webpack developer server for quick access.
As a standard, all code contributions should be linted with ESLint using .eslintrc.js
and formatted with Prettier. Note: HTML + CSS, mark-up and mark-down code are exemptions and should be formatted using Prettier but do not need to be linted.
npm run lint
will lint the codebase.
Our GitHub Actions will also lint any pull requests before they're merged.
All code contributions should be tested using both the Jest and React Testing Library.
npm run test
will run any existing tests in our codebase.
Our GitHub Actions will also test any pull requests before they're merged! These all must pass and have 2 reviewers approval before a pull request can merge. If one or a few fail and your troubleshooting is not giving an answer, please check out the gliff.ai Contribution Guide π for further guidance.
GitHub Actions should only be included under the .github/workflows
path.
We welcome all contributors and any contributions on this project through the likes of feedback on or suggesting features and enhancements, raising bug problems, reporting on security vulnerabilities, reviewing code, requesting or creating tests, user testing etc. to ensure gliff.ai can help enable the best and biggest positive impact possible.
Sounds good and want to contribute to the project? π§βπ»
Please check the gliff.ai Contribution Guide π before you get started. Donβt forget the gliff.ai Code of Conduct β οΈ and gliff.ai Security Policy π too!
A big thank you from the entire gliff.ai team to these fellow contributors (emoji key):
{{Contributor List - coming soon}}
Need some help? π€ Have a question? π§
Reach out to the gliff.ai team at community@gliff.ai or on our GitHub discussions.
This code is licensed under a GNU AGPLv3 license π
Curious about our reasoning for this? Read about them here!
FAQs
gliff.ai ANNOTATE - a user friendly browser interface for annotating multidimensional images for machine learning
The npm package @gliff-ai/annotate receives a total of 24 weekly downloads. As such, @gliff-ai/annotate popularity was classified as not popular.
We found that @gliff-ai/annotate demonstrated a not healthy version release cadence and project activity because the last version was released a year ago.Β It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.