
Research
/Security News
Weaponizing Discord for Command and Control Across npm, PyPI, and RubyGems.org
Socket researchers uncover how threat actors weaponize Discord across the npm, PyPI, and RubyGems ecosystems to exfiltrate sensitive data.
@scalar/api-client
Advanced tools
The Scalar API Client is a powerful tool designed to simplify API testing and integration. This versatile package offers multiple usage options:
npm install @scalar/api-client
You can mount the full-blown API Client to your DOM like this:
<!-- index.html -->
<!doctype html>
<html lang="en">
<head>
<meta charset="UTF-8" />
<meta
name="viewport"
content="width=device-width, initial-scale=1.0" />
<title>Scalar API Client App</title>
</head>
<body>
<div
id="scalar-client"
class="scalar-app scalar-client"></div>
<script
type="module"
src="./main.js"></script>
</body>
</html>
// main.js
import { createApiClientApp } from '@/App'
// Initialize
await createApiClientApp(document.getElementById('scalar-client'), {
url: 'https://registry.scalar.com/@scalar/apis/galaxy/latest?format=json',
proxyUrl: 'https://proxy.scalar.com',
})
Or you can mount a more compact version, which is living in a modal:
// main.js
import { createApiClientApp } from '@/App'
// Initialize
const { open } = await createApiClientApp(
document.getElementById('scalar-client'),
{
url: 'https://registry.scalar.com/@scalar/apis/galaxy/latest?format=json',
proxyUrl: 'https://proxy.scalar.com',
},
)
// Open the API client right-away
open()
// Or: Open a specific operation
// open({
// method: 'GET',
// path: '/me',
// })
/** Configuration options for the Scalar API client */
export type ClientConfiguration = {
/** The Swagger/OpenAPI document to render */
spec: SpecConfiguration
/** Pass in a proxy to the API client */
proxyUrl?: string
/** Pass in a theme API client */
themeId?: string
/** Whether to show the sidebar */
showSidebar?: boolean
/** Whether dark mode is on or off initially (light mode) */
// darkMode?: boolean
/** Key used with CTRL/CMD to open the search modal (defaults to 'k' e.g. CMD+k) */
searchHotKey?:
| 'a'
| 'b'
| 'c'
| 'd'
| 'e'
| 'f'
| 'g'
| 'h'
| 'i'
| 'j'
| 'k'
| 'l'
| 'm'
| 'n'
| 'o'
| 'p'
| 'q'
| 'r'
| 's'
| 't'
| 'u'
| 'v'
| 'w'
| 'x'
| 'y'
| 'z'
}
The following methods are returned from the createApiClientModal
call:
Opens the modal while allowing you to select which request to open to
open({ path: string; method: RequestMethod })
Allows you to update the config at any time, this will clear your current state and re-import a fresh spec!
updateConfig(newConfig: ClientConfiguration, mergeConfigs?: boolean): void
We are API nerds. You too? Let's chat on Discord: https://discord.gg/scalar
The source code in this repository is licensed under MIT.
FAQs
the open source API testing client
The npm package @scalar/api-client receives a total of 68,991 weekly downloads. As such, @scalar/api-client popularity was classified as popular.
We found that @scalar/api-client demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 10 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
/Security News
Socket researchers uncover how threat actors weaponize Discord across the npm, PyPI, and RubyGems ecosystems to exfiltrate sensitive data.
Security News
Socket now integrates with Bun 1.3’s Security Scanner API to block risky packages at install time and enforce your organization’s policies in local dev and CI.
Research
The Socket Threat Research Team is tracking weekly intrusions into the npm registry that follow a repeatable adversarial playbook used by North Korean state-sponsored actors.