
Research
/Security News
Critical Vulnerability in NestJS Devtools: Localhost RCE via Sandbox Escape
A flawed sandbox in @nestjs/devtools-integration lets attackers run code on your machine via CSRF, leading to full Remote Code Execution (RCE).
@rhoas/api-mock
Advanced tools
Project provides mocking capabilities for RHOAS APIs. Mock supports in memory storage to give developers abstraction of running service.
Project provides mocking capabilities for RHOAS APIs. Mock supports in memory storage to give developers abstraction of running service.
Every SDK provided by RHOAS has available API mock. Mock provides simulation of in memory implementation of APIs that can be used for development and testing.
npx @rhoas/api-mock
docker run -p 8080:8000 quay.io/rhosak/api-mock
npm install -g @rhoas/api-mock
## Run CLI
asapi
Starting mock with sample data present:
asapi --pre-seed
Mock provides support for managemement and instances APIs
Instance API use following prefixes
/data/kafka
for kafka instance/data/service-registry
for service registry instanceTo simulate multiple instances please run many instances of mock.
yarn
yarn build
yarn start # API running at http://localhost:9000
CUSTOM_PORT
- custom port number used default is 8000
CUSTOM_HOST
- custom url used in returned data. default http://localhost
RESOURCE_OWNER
- provide custom owner value as we do not have ability to detect it in mock.
For example: "RESOURCE_OWNER=wtrocki_kafka_devexp yarn start"
AMS_QUOTA_TYPE
- provide the quota type to be mocked. The valid values are - "trial", "standard" and "marketplace".
docker build -t quay.io/rhosak/api-mock .
docker push quay.io/rhosak/api-mock
You can call api by starting individual web clients per api or running examples against mock.
yarn api:kafka-management
yarn api:kafka-instance
yarn api:registry-management
yarn api:registry-instance
FAQs
Project provides mocking capabilities for RHOAS APIs. Mock supports in memory storage to give developers abstraction of running service.
We found that @rhoas/api-mock demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
/Security News
A flawed sandbox in @nestjs/devtools-integration lets attackers run code on your machine via CSRF, leading to full Remote Code Execution (RCE).
Product
Customize license detection with Socket’s new license overlays: gain control, reduce noise, and handle edge cases with precision.
Product
Socket now supports Rust and Cargo, offering package search for all users and experimental SBOM generation for enterprise projects.