Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@snyk/sweater-comb
Advanced tools
Sweats the small stuff, so you don't have to. OpenAPI linting rules for Snyk APIs.
Sweats the small stuff, so you don't have to. OpenAPI linting rules for Snyk APIs.
At Snyk, we're starting an API program that aims to maximize the value we provide to developers and the extensibility of our platform through our APIs.
Such an API needs some guardrails to stay cohesive, consistent and "unsurprising" to its consumers, as the platform scales in the number of concepts it provides and the number of teams delivering them.
Sweater Comb helps provide some of those guardrails with automation, initially by applying custom Optic CI rules to our OpenAPI specifications.
Read more about our API program here.
JSON API is a standard for representing resources as JSON data.
Generally, our API adheres closely to the JSON API specification. JSON API: The Good Parts describes how we adapted JSON API into our API standards.
We found JSON API to be an excellent starting point for a resource-based API, formatting and structuring JSON data in requests and responses. Leveraging JSON API's opinionated choices enabled us to focus more on designing and building the actual content of our API.
What does JSON API look like? What do I need to know to get started building a resource in 5 minutes? Let’s cover the basics first; you can always refer to the JSON API specification for a deeper understanding of specific details.
Read more about our experiences with JSON API here.
How we version our API, and more to the point, API requirements necessary in order to implement our versioning scheme.
Read more about how we version here.
Everything else; other requirements we found necessary to keep our API nice and neat.
TODO
FAQs
“Sweats the small stuff, so you don’t have to. OpenAPI linting rules for Snyk APIs.”
We found that @snyk/sweater-comb demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.