
Research
Two Malicious Rust Crates Impersonate Popular Logger to Steal Wallet Keys
Socket uncovers malicious Rust crates impersonating fast_log to steal Solana and Ethereum wallet keys from source code.
@privyid/eslint-plugin-varspacing
Advanced tools
Forking from https://gitlab.com/Ma27/eslint-plugin-varspacing
This plugin ships a simple and fixable ESLint rule to check if variable declarations are properly aligned.
npm install --save-dev eslint eslint eslint-plugin-varspacing
In order to activate the plugin the following options must be present in .eslintrc
:
{
"plugins": [
"varspacing"
],
"extends": "plugin:varspacing/recommended"
}
Please refer to the var-spacing docs for further details about the ruleset.
It's recommended to use the nix
package manager for development purposes.
A customized developer shell can be opened like this:
$ nix-shell
[nix-shell]$ npm test
Furthermore it's possible to actually build the package:
nix-build -A package tarball
To regenerate the locked package build run the following command:
node2nix . --supplement-input mocha.json -6 --composition nix/default.nix --node-env nix/node-env.nix --output nix/node-packages.nix --input package.json --supplement-output supplement.nix
This module is published under MIT license.
Please refer to the LICENSE
that was distributed with this package for further legal information.
FAQs
A eslint rule for proper var spacing
We found that @privyid/eslint-plugin-varspacing demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Socket uncovers malicious Rust crates impersonating fast_log to steal Solana and Ethereum wallet keys from source code.
Research
A malicious package uses a QR code as steganography in an innovative technique.
Research
/Security News
Socket identified 80 fake candidates targeting engineering roles, including suspected North Korean operators, exposing the new reality of hiring as a security function.