Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@nebula.js/cli-serve
Advanced tools
Basic web development server for nebula.js visualizations.
Basic web development server for nebula.js visualizations.
npm install @nebula.js/cli @nebula.js/cli-serve -g
nebula serve -h
Start a development server
Options:
--version Show version number [boolean]
-c, --config Path to JSON config file
[string] [default: "nebula.config.js"]
--entry File entrypoint [string]
--type Generic object type [string]
--build Build the nebula visualization into /dist dictionary
[boolean] [default: true]
--host Specify a host to use[string] [default: "localhost"]
--port Specify a port number to listen for requests on
[number]
--disableHostCheck Bypasses host checking [boolean] [default: false]
--keyboardNavigation Whether or not Nebula handles keyboard navigation
[boolean] [default: false]
--resources Path to a folder that will be served as static files
under /resources [string]
--scripts Array of scripts to inject [array]
--stylesheets Array of stylesheets to inject [array]
--enigma.host Set host to communicate with Qlik Associative Engine
[string] [default: "localhost"]
--enigma.port Set port to communicate with Qlik Associative Engine
[number] [default: 9076]
--clientId Tenant's clientId for OAuth connection [string]
--webIntegrationId Tenant's webIntegrationId for connection [string]
--fixturePath Path to a folder that will be used as basis when
locating fixtures
[string] [default: "test/component"]
--mfe Serves bundle to use in micro frontend
[boolean] [default: false]
-h, --help Show help [boolean]
Start the server and connect to enigma on port 9077
nebula serve --enigma.port 9077
nebula.config.js
module.exports = {
serve: {
...,
},
};
Serve properties:
ex: types: [{ name: 'barchart', url: "https://unpkg.com/@nebula.js/sn-bar-chart"}],
ex: themes: [{ id: 'sense', theme: { /* valid sense json theme */ } }],
flags: { SOME_FEATURE: true }
const serve = require('@nebula.js/cli-serve');
serve({
port: 3000,
entry: path.resolve(__dirname, 'sn.js') // custom entrypoint
enigma: {
port: 9077
}
}).then(s => {
s.url; // serve url
s.close(); // close the server
});
The MFE mode activated with the --mfe
option, builds a visualisation which is
used in a micro frontend environment. The visualisation is served at:
https://<host>:<port>/pkg/<module name>
The module name is by default the name in package.json
but may be overridden using the
--type
option.
The MFE mode runs in HTTPS which requires certificates to be installed in the environment running nebula serve.
The regular dev environment in nebula serve is disabled when running in this mode.
There are a few ways to install locally trusted certificates on your machine, The important
end result is that there are two files ~/.certs/cert.pem
(the certificate) and
~/.certs/key.pem
(the public key). Read about how certificates work
here. If you already
have a self-signed and trusted certificate in this location, then skip this guide.
Install mkcert - documentation
brew install mkcert
Make sure the active directory is the user folder and run the following:
$ mkdir ~/.certs
$ mkcert -install
$ mkcert -key-file ~/.certs/key.pem -cert-file ~/.certs/cert.pem localhost 127.0.0.1 ::1
Verify that two new files have appeared in the certs/ - folder
webpack and webpack-dev-server are used behind the web development server for nebula.js visualizations. You can find more info from webpack configuration and webpack-dev-server configuration.
4.0.0-alpha.10 (2023-05-03)
FAQs
Unknown package
The npm package @nebula.js/cli-serve receives a total of 507 weekly downloads. As such, @nebula.js/cli-serve popularity was classified as not popular.
We found that @nebula.js/cli-serve demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.