
Research
Security News
Lazarus Strikes npm Again with New Wave of Malicious Packages
The Socket Research Team has discovered six new malicious npm packages linked to North Korea’s Lazarus Group, designed to steal credentials and deploy backdoors.
@sap/hana-tooling-feature-toggles
Advanced tools
A node library for checking feature toggles. It gives you the option to create standard feature toggles and also feature toggles for Visual Studio Code commands.
A node library for checking feature toggles. It gives you the option to create standard feature toggles and also feature toggles for Visual Studio Code commands.
Create an instance managing your feature toggles. The first parameter has to be either a JSON object or a string. The second parameter is the name of your Visual Studio Code extension (optional) if you want to enable / disable Visual Studio Code commands. The third parameter is a Visual Studio Code API object (optional). Depending on the type of your first parameter the module will a) directly use the provided feature toggles. b) check if the string is stringified JSON. c) try to read the file at the provided path.
Pure Node.js:
// With JSON parameter.
import FeatureToggles = require("@sap/hana-tooling-feature-toggles");
const myFeatures = {
"featureToggles": [
{
"name": "helloworld",
"status": "released"
}
]
};
const FeatureToggleInstance = new FeatureToggles(myFeatures);
// With string parameter.
import FeatureToggles = require("@sap/hana-tooling-feature-toggles");
const FeatureToggleInstance = new FeatureToggles(__dirname + "/../features.json");
// With stringified JSON parameter.
import FeatureToggles = require("@sap/hana-tooling-feature-toggles");
const myFeatures = {
"featureToggles": [
{
"name": "helloworld",
"status": "released"
}
]
};
const featureString = JSON.stringify(myFeatures);
const FeatureToggleInstance = new FeatureToggles(featureString);
Visual Studio Code:
const vscode = require( 'vscode' );
import FeatureToggles = require("@sap/hana-tooling-feature-toggles");
const FeatureToggleInstance = new FeatureToggles(__dirname + "/../features.json", "featuretoggletest", vscode);
The structure of your JSON object / file (first parameter) should be:
{
"featureToggles": [
{
"name": "helloworld",
"status": "released"
},
{
"name": "helloworlddisabled",
"status": "dev"
},
{
"name": "helloworldqa",
"status": "candidate"
}
]
}
The name is the unique identifier of your feature and the status determines whether it is in development, a candidate for release or a released feature.
FeatureToggles.isFeatureEnabled("featureToggleName")
This function checks if the feature 'featureToggleName' is enabled inside your specified .json file for feature toggles:
FeatureToggles.isCommandEnabled("featureToggleName")
This function should only be used if you are developing a Visual Studio Code extension and want to set feature toggles for commands. It will work like '.isFeatureEnabled("featureToggleName")' with the difference that it will set a Visual Studio Code context variable which makes the command visible to the user.
The set Visual Studio Code context variable will be:
"extensionName:featureToggleName"
So the package.json file of your extension should contain the following structure:
"contributes": {
"commands": [
{
"command": "extensionName.commandName",
"title": "Hello World (enabled)"
}
],
"menus": {
"commandPalette": [
{
"command": "extensionName.commandName",
"when": "extensionName:featureToggleName1"
}
],
"editor/context": [
{
"command": "extensionName.commandName",
"when": "extensionName:featureToggleName2"
}
]
}
}
This package is provided under the terms of the SAP Developer License Agreement.
FAQs
A node library for checking feature toggles. It gives you the option to create standard feature toggles and also feature toggles for Visual Studio Code commands.
The npm package @sap/hana-tooling-feature-toggles receives a total of 23,285 weekly downloads. As such, @sap/hana-tooling-feature-toggles popularity was classified as popular.
We found that @sap/hana-tooling-feature-toggles demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
The Socket Research Team has discovered six new malicious npm packages linked to North Korea’s Lazarus Group, designed to steal credentials and deploy backdoors.
Security News
Socket CEO Feross Aboukhadijeh discusses the open web, open source security, and how Socket tackles software supply chain attacks on The Pair Program podcast.
Security News
Opengrep continues building momentum with the alpha release of its Playground tool, demonstrating the project's rapid evolution just two months after its initial launch.