
Security News
npm v12 Ships With Install Scripts Off by Default, Begins Deprecating 2FA-Bypass Tokens
npm v12 is generally available, turning install scripts off by default and beginning the deprecation of 2FA-bypass publishing tokens.
@nocobase/plugin-data-source-manager
Advanced tools
Manage data sources, including the built-in Master database, external databases, APIs, etc.
NocoBase is the most extensible AI-powered no-code platform.
Total control. Infinite extensibility. AI collaboration.
Enable your team to adapt quickly and cut costs dramatically.
No years of development. No millions wasted.
Deploy NocoBase in minutes — and take control of everything.
Homepage:
https://www.nocobase.com/
Online Demo:
https://demo.nocobase.com/new
Documents:
https://docs.nocobase.com/
Forum:
https://forum.nocobase.com/
Use Cases:
https://www.nocobase.com/en/blog/tags/customer-stories
Our blog is regularly updated with release notes and provides a weekly summary.
Instead of being constrained by forms or tables, NocoBase adopts a data model–driven approach, separating data structure from user interface to unlock unlimited possibilities.

Unlike standalone AI demos, NocoBase allows you to embed AI capabilities seamlessly into your interfaces, workflows, and data context, making AI truly useful in real business scenarios.

While enabling the development of complex business systems, NocoBase keeps the experience simple and intuitive.

Adding more no-code features will never cover every business case. NocoBase is built for extension through its plugin-based microkernel architecture.

NocoBase supports three installation methods:
Installing With Docker (👍Recommended)
Suitable for no-code scenarios, no code to write. When upgrading, just download the latest image and reboot.
Installing from create-nocobase-app CLI
The business code of the project is completely independent and supports low-code development.
Installing from Git source code
If you want to experience the latest unreleased version, or want to participate in the contribution, you need to make changes and debug on the source code, it is recommended to choose this installation method, which requires a high level of development skills, and if the code has been updated, you can git pull the latest code.
FAQs
Manage data sources, including the built-in Master database, external databases, APIs, etc.
The npm package @nocobase/plugin-data-source-manager receives a total of 3,097 weekly downloads. As such, @nocobase/plugin-data-source-manager popularity was classified as popular.
We found that @nocobase/plugin-data-source-manager demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Security News
npm v12 is generally available, turning install scripts off by default and beginning the deprecation of 2FA-bypass publishing tokens.

Research
/Security News
Socket tracks the activity as Operation “Muck and Load”: a threat actor uses commit-farming workflows, public dead drops, and protected archives to stage Windows RAT and infostealer malware.

Security News
pnpm 11.10 hardens registry auth to block token redirection, tightens pack-app and deploy, and makes the Rust port (v12) installable.