Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@movable/cli
Advanced tools
Like ember-cli
, but for Movable Ink apps.
yarn global add @movable/cli
movable new my-app
cd my-app
movable serve
This utility takes care of the following:
movable new my-app
)movable build
)movable serve
)movable init
)Everything below this point is about making modifications to the MDK itself. If you just want to use the MDK to build apps, you can find more documentation on the wiki.
Run all of the tests:
yarn run test
Check out this repository and install dependencies:
git clone https://github.com/movableink/movable-cli.git
cd movable-cli
yarn
Set up your PATH
to use your local movable
command:
export PATH=`pwd`/bin:$PATH
Now you can run commands like movable new
using your local movable-cli
. If you want to set up movable
to use a non-production oAuth server, you can create a file such as ~/local-movable.sh
where you set some environment variables:
export OAUTH_CLIENT_ID=changeme00000000000000000000000000000000000000000
export OAUTH_CLIENT_SECRET=changeme000000000000000000000000000000000000000000
export DASHBOARD_URL=http://localhost:3000
export DEPLOY_URL=http://localhost:4044
Then, to use the local endpoints, run source ~/local-movable.sh
before you run movable login
.
See LICENSE.md.
FAQs
Create and manage Movable Ink Studio applications
The npm package @movable/cli receives a total of 8 weekly downloads. As such, @movable/cli popularity was classified as not popular.
We found that @movable/cli demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 9 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.