Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@knapsack-pro/core
Advanced tools
Knapsack Pro Core library splits tests across CI nodes and makes sure that tests will run in optimal time on each CI node. This library gives core features like communication with KnapsackPro.com API. This library is a dependency for other projects specif
@knapsack-pro/core
is JS npm package with core features for Knapsack Pro API.
Learn how to run your tests faster with optimal test suite parallelisation using Knapsack Pro.
This package is the dependency of Knapsack Pro clients in JavaScript.
You can set log level with environment variable KNAPSACK_PRO_LOG_LEVEL
.
The default level is info
.
Available log levels (from most important to least important):
error
- shows only critical errorswarn
- shows warnings (e.g. Fallback Mode has started)info
- shows Knapsack Pro API request response bodyverbose
debug
- shows Knapsack Pro API request headers and bodysilly
When Knapsack Pro API is not available or temporarily unreachable due to network problems then Fallback Mode will be started and you will see a log warning in the output.
In Fallback Mode your tests will be executed and split based on test file names across CI nodes. If in the meantime other CI nodes were able to connect to Knapsack Pro API then you may notice that some of the test files were executed twice across CI nodes. Fallback Mode guarantees each of test files is run at least once as a part of CI build.
If during CI build runtime connection to Knapsack Pro API is lost, Fallback Mode would run tests except those executed so far.
Install dependencies:
$ npm install
Compile TypeScript code to lib
directory by running:
$ npm start
Register @knapsack-pro/core
package globally in your local system. This way we will be able to develop other npm packages dependent on it:
$ npm link
Set up your IDE:
WebStorm / PhpStorm
Install the following plugins:
Go to File > Settings > Languages & Frameworks > JavaScript > Code Quality Tools > ESLint
Turn on Enable
checkbox.
Go to File > Settings > Languages & Frameworks > TypeScript > TSLint
Turn on Enable
checkbox.
Go to File > Settings > Tools > File Watchers
Click Import
button and select watchers.xml
file from the repository.
Visual Studio Code
Install the following plugins:
Go to File > Preferences > Settings > Extensions > Prettier - Code formatter
Turn on Prettier: Eslint Integration
checkbox.
Turn on Prettier: Tslint Integration
checkbox.
Go to File > Preferences > Settings > Text Editor > Formatting
Turn on Format On Save
checkbox.
From now on every change in code base will be automatically formatted by Prettier. ESLint and TSLint errors will be also automatically fixed on every file save.
Write some code.
Sign in to npm registry with command:
$ npm adduser
Before releasing a new version of package please update CHANGELOG.md
with github_changelog_generator:
$ gem install github_changelog_generator
# generate CHANGELOG.md
$ github_changelog_generator KnapsackPro/knapsack-pro-core-js
$ git commit -am "Update CHANGELOG.md"
$ git push origin master
If you have added new files to the repository and they should be part of the released npm package then please ensure they are included in files
array in package.json
.
If you have changed any headers in README.md
please refresh table of contents with:
$ npm run doctoc
Compile project:
$ npm run build
In order to bump version of the package run below command. It will also create a version commit and tag for the release:
# bump patch version 0.0.x
$ npm version patch
# bump minor version 0.x.0
$ npm version minor
Push to git repository created commit and tag:
$ git push origin master --tags
Now when git tag is on Github you can update CHANGELOG.md
again.
$ github_changelog_generator KnapsackPro/knapsack-pro-core-js
$ git commit -am "Update CHANGELOG.md"
$ git push origin master
Now you can publish package to npm registry:
$ npm publish
FAQs
Knapsack Pro Core library splits tests across CI nodes and makes sure that tests will run in optimal time on each CI node. This library gives core features like communication with KnapsackPro.com API. This library is a dependency for other projects specif
We found that @knapsack-pro/core demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.