Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@merchantlabs/micro-express
Advanced tools
Port of Zeit's micro-dev but for Express instead of micro.
This command line interface provides a belt full of tools that make building microservices using micro a breeze! It's only meant to be used in development, not in production (that's where micro comes in).
stdout
Error
object if any exceptions are thrownImportant: This tool is only meant to be used in development. In production, you should use micro, which is much lighter and faster (and also comes without the belt of tools used when developing microservices).
When preparing your development environment, firstly install micro-dev
:
npm install --save-dev micro-dev
Note: You'll need at least Node.js v7.6.0 to run micro-dev
.
Next, add a new script
property below micro
inside package.json
:
"scripts": {
"start": "micro",
"dev": "micro-dev"
}
As the final step, start the development server like this:
npm run dev
The package can be used in conjunction with the Node.js inspector like this:
"scripts": {
"inspect": "node --inspect node_modules/.bin/micro-dev"
}
As the final step, start the development server like this:
yarn run inspect
cd micro-dev
npm link
Inside the project where you want to test your clone of the package, you can now either use npm link micro-dev
to link the cloned source to your project's local dependencies or run micro-dev
right in your terminal.
FAQs
Port of Zeit's micro-dev but for Express instead of micro.
The npm package @merchantlabs/micro-express receives a total of 0 weekly downloads. As such, @merchantlabs/micro-express popularity was classified as not popular.
We found that @merchantlabs/micro-express demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.