Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@nebula.js/cli-serve
Advanced tools
Basic web development server for nebula.js visualizations.
npm install @nebula.js/cli @nebula.js/cli-serve -g
nebula serve -h
Start a development server
Options:
--version Show version number [boolean]
--config, -c Path to JSON config file
[string] [default: "nebula.config.js"]
--entry File entrypoint [string]
--type Generic object type [string]
--keyboardNavigation [boolean] [default: false]
--build [boolean] [default: true]
--host [string] [default: "localhost"]
--port [number]
--disableHostCheck [boolean] [default: false]
--resources Path to a folder that will be served as static files under
/resources [string]
--scripts Array of scripts to inject [array]
--stylesheets Array of stylesheets to inject [array]
--enigma.host [string] [default: "localhost"]
--enigma.port [number] [default: 9076]
--webIntegrationId [string]
--fixturePath Path to a folder that will be used as basis when locating
fixtures [string] [default: "test/component"]
--mfe Serves bundle to use in micro frontend [boolean]
-h, --help Show help [boolean]
Start the server and connect to enigma on port 9077
nebula serve --enigma.port 9077
nebula.config.js
module.exports = {
serve: {
...,
},
};
Serve properties:
ex: types: [{ name: 'barchart', url: "https://unpkg.com/@nebula.js/sn-bar-chart"}],
ex: themes: [{ id: 'sense', theme: { /* valid sense json theme */ } }],
flags: { SOME_FEATURE: true }
const serve = require('@nebula.js/cli-serve');
serve({
port: 3000,
entry: path.resolve(__dirname, 'sn.js') // custom entrypoint
enigma: {
port: 9077
}
}).then(s => {
s.url; // serve url
s.close(); // close the server
});
The MFE mode, activated with the --mfe
option, builds a visualisation which is
used in a micro frontend environemnt. The visualisation is served at:
https://<host>:<port>/pkg/<module name>
The module name is by default the name in package.json
but may be overriden using the
--type
option.
The MFE mode runs in HTTPS which requires certificates to be installed in the environment running nebula serve.
The regular dev environment in nebula serve is disabled when running in this mode.
There are a few ways to install local trusted certificates on your machine, The important
end result is that there are two files ~/.certs/cert.pem
(the certificate) and
~/.certs/key.pem
(the public key). Read about how certificates work
here. If you already
have a self-signed and trusted certificate in this location, then skip this guide.
Install mkcert - documentation
brew install mkcert
Make sure the active directory is user folder and run the following:
$ mkdir ~/.certs
$ mkcert -install
$ mkcert -key-file ~/.certs/key.pem -cert-file ~/.certs/cert.pem localhost 127.0.0.1 ::1
Verify that two new files have appeared in the certs/ - folder
FAQs
Unknown package
The npm package @nebula.js/cli-serve receives a total of 507 weekly downloads. As such, @nebula.js/cli-serve popularity was classified as not popular.
We found that @nebula.js/cli-serve demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.