Research
Security News
Kill Switch Hidden in npm Packages Typosquatting Chalk and Chokidar
Socket researchers found several malicious npm packages typosquatting Chalk and Chokidar, targeting Node.js developers with kill switches and data theft.
@paytrail/react-paytrail-e2
Advanced tools
React library and component for creating payments with Paytrail E2 interface.
React library and component for creating payments with Paytrail E2 Interface.
This library outputs a new <form>
HTML element including all the required and optional fields as <input>
elements for the E2 interface. Authcode required by Paytrail is calculated dynamically on render.
Payment may be dispatched to the service by submitting the form. Invalid parameters will instantly be caught by the payment service.
⚠️ This is still a work-in-progress. We appreciate your help in testing the logic and fixing any defects found. See how to contribute.
# Yarn
yarn add react-paytrail-e2
# NPM
npm install --save react-paytrail-e2
The payment form component should be added to your existing order page.
import { Form } from '@paytrail/react-paytrail-e2'
/* order page JSX */
<Form {...props} />
This project includes a demo React application which you can use to study the on how to pass different properties to this component.
The library source code can be found under the src/
directory, and the example app under the example/
directory.
First, install dependencies with yarn
. Then invoke a Jest watcher with yarn test:unit
to validate your changes.
NOTE: As of yet, there's no automated end-to-end test suite for creating a real payment. Make sure the demo application can create a new payment by click of a button and there are no interface errors.
After you're satisfied with the changes and all tests pass, open a pull request to this project.
Follow the steps below to release a new version:
version
field in package.json to contain the new version bumped according to semantic versioning ruleschore: bump version to <version>
(fill in the new version)NOTE: GitHub Actions pipeline automatically pushes new releases to GitHub package registry when a new release is published. Currently, there's no automatic publishing to NPM registry so it has to be handled manually. Consider using a tool like np
to handle releases.
FAQs
React library and component for creating payments with Paytrail E2 interface.
The npm package @paytrail/react-paytrail-e2 receives a total of 1 weekly downloads. As such, @paytrail/react-paytrail-e2 popularity was classified as not popular.
We found that @paytrail/react-paytrail-e2 demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers found several malicious npm packages typosquatting Chalk and Chokidar, targeting Node.js developers with kill switches and data theft.
Security News
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.
Product
Socket now supports uv.lock files to ensure consistent, secure dependency resolution for Python projects and enhance supply chain security.