Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
@remix-run/node
Advanced tools
@remix-run/node is a package that provides utilities for building server-side applications with Remix. It includes tools for handling HTTP requests and responses, managing sessions, and working with cookies, among other things.
Handling HTTP Requests and Responses
This feature allows you to create a request handler for your Remix application. The `createRequestHandler` function sets up the necessary context for handling HTTP requests and responses.
const { createRequestHandler } = require('@remix-run/node');
const handler = createRequestHandler({
getLoadContext() {
return { some: 'context' };
}
});
module.exports = handler;
Managing Sessions
This feature provides a way to manage user sessions using cookies. The `createCookieSessionStorage` function sets up session storage with specified cookie options.
const { createCookieSessionStorage } = require('@remix-run/node');
const sessionStorage = createCookieSessionStorage({
cookie: {
name: '__session',
secrets: ['s3cr3t'],
secure: true,
sameSite: 'lax',
path: '/',
httpOnly: true
}
});
module.exports = sessionStorage;
Working with Cookies
This feature allows you to create and manage cookies. The `createCookie` function sets up a cookie with specified options like max age and HTTP-only flag.
const { createCookie } = require('@remix-run/node');
const myCookie = createCookie('myCookie', {
maxAge: 60 * 60 * 24,
httpOnly: true
});
module.exports = myCookie;
Express is a minimal and flexible Node.js web application framework that provides a robust set of features for web and mobile applications. Unlike @remix-run/node, which is specifically designed for use with Remix, Express is a general-purpose framework that can be used for a wide variety of web applications.
Koa is a new web framework designed by the team behind Express, which aims to be a smaller, more expressive, and more robust foundation for web applications and APIs. Koa uses async functions to help you write cleaner, more readable code. While @remix-run/node is tailored for Remix applications, Koa is a more general-purpose framework.
Hapi is a rich framework for building applications and services. It enables developers to focus on writing reusable application logic instead of spending time building infrastructure. Hapi is more configuration-driven compared to @remix-run/node, which is more convention-driven and integrated with Remix.
Remix is a web framework that helps you build better websites with React.
To get started, open a new shell and run:
npx create-remix@latest
Then follow the prompts you see in your terminal.
For more information about Remix, visit remix.run!
v2.9.1
Date: 2024-04-24
@remix-run/dev
- Fix issue where consumers who had added Remix packages to Vite's ssr.noExternal
option were being overridden by the Remix Vite plugin adding Remix packages to Vite's ssr.external
option (#9301)@remix-run/react
- Ignore future/*.d.ts
files from TS build (#9299)Full Changelog: v2.9.0...v2.9.1
FAQs
Node.js platform abstractions for Remix
The npm package @remix-run/node receives a total of 807,031 weekly downloads. As such, @remix-run/node popularity was classified as popular.
We found that @remix-run/node demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.