Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@outgrowio/reaction-dummy-data
Advanced tools
Generates dummy data (products, tags & orders) for Reaction Commerce.
First, install the package in your project's reaction
(API) directory:
npm install --save-dev @outgrowio/reaction-dummy-data
Then, register the plugin in your project's reaction/plugins.json
:
{
...,
"dummyData": "@outgrowio/reaction-dummy-data/index.js"
}
With the plugin registered, restart your API container to finalize the installation.
If you prefer to have a user interface in your reaction-admin
rather than making GraphQL calls manually, use this plugin together with reaction-dummy-data-ui
.
Once the plugin is registered, you get access to the following GraphQL mutations. Call these from the GraphQL Playground at http://localhost:3000/graphql.
As you can see in the example variables, there is no need to encode the shopId
. This is a developer tool, and we want to keep things straightforward.
mutation loadProductsAndTags($input: LoadProductsAndTagsInput!) {
loadProductsAndTags(input: $input) {
productsCreated,
tagsCreated
}
}
Call with the following variables:
{
"input": {
"shopId": "kspBu62vAyXnnb2v6",
"desiredTagCount": 15,
"desiredProductCount": 20
}
}
mutation loadProductImages($input: LoadProductImagesInput!) {
loadProductImages(input: $input) {
wasDataLoaded
}
}
Call with the following variables:
{
"input": {
"shopId": "kspBu62vAyXnnb2v6"
}
}
mutation loadOrders($input: LoadOrdersInput!) {
loadOrders(input: $input) {
ordersCreated
}
}
Call with the following variables:
{
"input": {
"shopId": "kspBu62vAyXnnb2v6",
"desiredOrderCount": 15
}
}
Beware: this will erase the content of the Products
, Catalog
, Tags
and Orders
collections!
mutation removeAllData($input: RemoveDataInput!) {
removeAllData(input: $input) {
wasDataRemoved
}
}
Call with the following variables:
{
"input": {
"shopId": "kspBu62vAyXnnb2v6"
}
}
Don't forget to use an Authorization
HTTP header to authenticate your API calls. Example:
{
"Authorization": "skwL_8jUOkmom7wW_se6_XgfSBtBrUBSR9UL-CUq74A.fwTZ8_G2QTMPf83O6jAOtYxyEU1TYV6spm8abPENutg"
}
You can get the value for the Authorization
header in the reaction-admin
UI (http://localhost:4080). By using your browser's network analyzer in the devtools, look for any recent POST
call to /graphql
or /graphql-beta
and copy the value for Authorization
in the request headers.
This plugin is a developer tool and hasn't necessarily been built with optimal performance in mind. It will make your GraphQL server hang while generating products, tags, images or orders. These mutations will most likely take time to finish because of the necessary use of many await
s in the code.
We hope that the job-queue
plugin will soon be available as an NPM package, enabling us to simply register jobs instead of having so much synchronous code in mutation resolvers. Until then, PRs are obviously welcome to enhance performance!
Need help integrating this plugin into your Reaction Commerce project? Simply looking for expert Reaction Commerce developers? Want someone to train your team to use Reaction at its fullest?
Whether it is just a one-hour consultation to get you set up or helping your team ship a whole project from start to finish, you can't go wrong by reaching out to us:
FAQs
Generates dummy data for Reaction Commerce
We found that @outgrowio/reaction-dummy-data demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.