Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@herodevs/scully-plugin-the-vault
Advanced tools
This is the home of The Vault plugin for Scully. It provides local caching for Scully, and (in the enterprise offering) shared caching.
This is the home of The Vault plugin for Scully. It provides local caching for Scully, and (in the enterprise offering) shared caching.
The cache works with a approximately 5 minute granularity. This means that when a resource is in the cache it will live for the time it has assigned to it, but with a 5 minute margin.
When you have resources where this 5 minutes cache time is to long, set the resource to a TTL of 0
making it un-cachable.
To use this plugin you must first install it using npm:
npm i @herodevs/scully-plugin-the-vault
After that add it to your config file:
import { theVaultReady } from '@herodevs/scully-plugin-the-vault';
import { ScullyConfig } from '@scullyio/scully';
/** note that the config must be a promise */
export const config: Promise<ScullyConfig> = (async () => {
// setPluginConfig(theVault, { customerId: 2, projectId: 2 });
/** Mandatory! *//
await theVaultReady({
includeReferer: false,
customerId: 2,
projectId: 3,
});
const conf: ScullyConfig = {
projectRoot: './apps/demo/src',
projectName: 'demo',
outDir: './dist/static',
handle404: 'index',
maxRenderThreads: 24,
routes: {
'/user/:id': {
type: 'json',
id: {
url: 'http://localhost:8200/users',
resultsHandler: (raw) => raw.slice(0, 20),
property: 'id',
},
},
},
};
return conf;
})();
Because the Vault needs to talk to the cache, and this is an asynchronous process, this plugin demands the Scully config the return a promise. You can use an async function as showen in the above config, or use a normal promise chain when that is your preference.
If you want to do a local run of your app, without the Vault being used, you can add the command line option --noCache
to your scully command.
npx scully --project MyProject --noCache
When you want to run a separate scully server, it must exclude the cache. start it like this:
npx scully --project MyProject serve --noCache
This is needed, because the local cache can only be used by once Scully instance.
the --clearCache
option removes the local cache.
The Vault has a config object that can be set using setPluginConfig(theVault, customConfig);
or using the await theVaultReady(customConfig);
option.
Settings provided to the theVaultReady()
function will overwrite the setPluginConfig
export interface TheVaultConfig {
/** the url of the Vault server */
server?: string;
/** use the Referer as a key differentiation, defaults to false */
includeReferer?: boolean;
/** your Scully Enterprise customerID, as provided by HeroDevs */
customerId?: number;
/** your project id number */
projectId?: number;
/** your environment */
environment?: 'dev' | 'prod' | 'staging' | 'test';
/** the default Time To Live. 12 hours if unset */
defaultTTL?: number;
/** TTL exceptions */
ttlExceptions?: {
/** the full URL, is used as: `testUrl.startsWith(urlStart)` */
[urlStart: string]: number;
};
}
FAQs
This is the home of The Vault plugin for Scully. It provides local caching for Scully, and (in the enterprise offering) shared caching.
The npm package @herodevs/scully-plugin-the-vault receives a total of 0 weekly downloads. As such, @herodevs/scully-plugin-the-vault popularity was classified as not popular.
We found that @herodevs/scully-plugin-the-vault demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.