Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@snyk/sweater-comb
Advanced tools
“Sweats the small stuff, so you don’t have to. OpenAPI linting rules for Snyk APIs.”
“Sweats the small stuff, so you don’t have to. OpenAPI linting rules for Snyk APIs.”
At Snyk, we’re starting an API Program whose goal it is to create a beautiful garden of repeatable & concise APIs that empower Snyk customers, partners, and Snyk’ers alike to easily and quickly build new experiences and products.
Such an API needs some guardrails to stay cohesive, consistent and “unsurprising” to its consumers, as the platform scales in the number of concepts it provides and the number of teams delivering them.
Sweater Comb is a tool which provides some of those guardrails with automation, initially by applying custom Optic CI rules to Snyk's OpenAPI specifications.
Read more about the project in Sweater Comb documentation.
npm install @snyk/sweater-comb --save-dev
If you are contributing to Sweater Comb, read the contributing guidelines
Licensed under the Apache 2.0 License
Copyright (c) 2021-present, Snyk Ltd.
FAQs
“Sweats the small stuff, so you don’t have to. OpenAPI linting rules for Snyk APIs.”
We found that @snyk/sweater-comb demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.