Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@mondaycom/apps-sdk
Advanced tools
This sdk is used to leverage some of the capabilities exposed via <monday-code />
:
string
and value can be any serializable type
(object, number, string, etc.)shared
:
false
(default) - The stored data will be accessible only you "backend" oriented apps (storage will not be shared between integrations and views).true
- The stored data will be accessible from both "backend" and "frontend" oriented apps.There are three methods exposed to manage the storage - set
, get
and delete
<ACCESS_TOKEN>
- access token of the customer/account the app is working on behalf ofimport { Storage } from '@mondaycom/apps-sdk';
const storage = new Storage('<ACCESS_TOKEN>');
key: string
- key to store the content forvalue: any
- value to storepreviousVersion?: string
- the last version of the stored value for a specific key (OPTIONAL)shared?: boolean
- whether the stored data will be accessible from both "backend" and "frontend" oriented apps (OPTIONAL)version: string
- the new version of the stored valueconst { version, success, error } = await storage.set(key, value, { previousVersion, shared });
const { value, version, success } = await storage.get(key, { shared });
const { success, error } = await storage.delete(key, { shared });
Secure storage
- when used in a deployed <monday-code/>
project it will automatically utilize the real secure storageLocal "secure storage"
- a local mock db which will mimic the api exposed by the real secure storage. Will work in this mode when sdk is used locally.
If there are no permissions to write files on the disk, Local "secure storage" will not be persisted
string
and value can be any type
(object, number, string, etc.)There are three methods exposed to manage the storage - set
, get
and delete
import { SecureStorage } from '@mondaycom/apps-sdk';
const secureStorage = new SecureStorage();
key: string
- key to store the content forvalue: any
- value to store (must be serializable)
value
await secureStorage.set(key, value);
const storedValue = await secureStorage.get(key);
await secureStorage.delete(key);
<monday-code/>
.$ mapps code:env -m set -k <key> -v <value>
There are two methods exposed to manage the environment variables - get
and getKeys
import { EnvironmentVariablesManager } from '@mondaycom/apps-sdk';
// Initialize the environment variables manager without injecting env into `process.env`
let envManager = new EnvironmentVariablesManager();
// Initialize the environment variables manager and inject env into `process.env`
envManager = new EnvironmentVariablesManager({ updateProcessEnv: true });
// Get cached environment variable
const cachedValue = envManager.get(key, { invalidate: false });
// Get the latest version of environment variable
const latestValue = envManager.get(key);
// Get all cached environment variables keys
const cachedKeys = envManager.getKeys({ invalidate: false });
// Get all environment variables keys
const latestKeys = envManager.getKeys();
logger
provides a simple way to log messages for your app in a project deployed <monday-code/>
.$ mapps code:logs
There are four methods exposed to manage the environment variables - info
, warn
, error
and debug
.
import { Logger } from '@mondaycom/apps-sdk';
const tag = 'my-app';
// tag will be added to every logged message
const logger = new Logger(tag);
logger.info('info message');
logger.warn('warn message');
logger.debug('debug message');
// Stack trace will be logged as well if error is provided
logger.error('error message', { error: new Error('error') });
FAQs
monday apps SDK for NodeJS
The npm package @mondaycom/apps-sdk receives a total of 962 weekly downloads. As such, @mondaycom/apps-sdk popularity was classified as not popular.
We found that @mondaycom/apps-sdk demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.