Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@loopback/openapi-v3
Advanced tools
This package contains:
The package has functions described above for LoopBack controller classes. Decorators apply REST api mapping metadata to controller classes and their members. And utilities that inspect controller classes to build OpenAPI 3.0.0 specifications from REST API mapping metadata.
Functions for more artifacts will be added when we need.
npm install --save @loopback/openapi-v3
Currently this package only has spec generator for controllers. It generates
OpenAPI specifications for a given decorated controller class, including
paths
, components.schemas
, and servers
.
Here is an example of calling function getControllerSpec
to generate the
OpenAPI spec:
import {get, getControllerSpec} from '@loopback/openapi-v3';
class MyController {
@get('/greet')
greet() {
return 'Hello world!';
}
}
const myControllerSpec = getControllerSpec(MyController);
then the myControllerSpec
will be:
{
paths: {
'/greet': {
get: {
'x-operation-name': 'greet'
}
}
},
}
For details of how to apply controller decorators, please check http://loopback.io/doc/en/lb4/Decorators.html#route-decorators
See https://www.openapis.org/ and version 3.0.0 of OpenAPI Specification.
Run npm test
from the root folder.
See all contributors.
MIT
FAQs
Decorators that annotate LoopBack artifacts with OpenAPI v3 metadata and utilities that transform LoopBack metadata to OpenAPI v3 specifications
We found that @loopback/openapi-v3 demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.