Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
@rdfjs/environment
Advanced tools
This package provides a flexible RDF/JS factory.
The Environment
class takes one or more RDF/JS factory classes and creates a new, merged instance.
All factory methods will use the Environment
instance as factory to create new object instances.
Clones can be created to manipulate an instance isolated from other instances.
The main export of the package is the Environment
class.
It can be imported like this:
import Environment from '@rdfjs/environment'
The following example shows how to build an environment that is a combined factory of a DataFactory and DatasetCoreFactory:
import DataFactory from '@@rdfjs/data-model/Factory.js'
import DatasetFactory from '@rdfjs/dataset/Factory.js'
import Environment from '@rdfjs/environment'
const env = new Environment([DataFactory, DatasetFactory])
Creates a new Environment
instance.
factories
must be an iterable (e.g., Array
) of RDF/JS factory classes.
This method creates a new, isolated Environment
instance with the same set of factories and clones of the instance data.
FAQs
A flexible RDF/JS factory
The npm package @rdfjs/environment receives a total of 8,806 weekly downloads. As such, @rdfjs/environment popularity was classified as popular.
We found that @rdfjs/environment demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.