Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@superset-ui/connection
Advanced tools
Connection modules for Superset:
SupersetClient
requests and authenticationi18n
locales and translationThe SupersetClient
handles all client-side requests to the Superset backend. It can be configured
for use within the Superset application, or used to issue CORS
requests in other applications. At
a high-level it supports:
CSRF
token authentication
GET
and POST
requests (no PUT
or DELETE
)AbortController
APIGET
requests using If-None-Match
and ETag
headers// appSetup.js
import { SupersetClient } from `@superset-ui/connection`;
// or import SupersetClient from `@superset-ui/connection/lib|esm/SupersetClient`;
SupersetClient.configure(...clientConfig);
SupersetClient.init(); // CSRF auth, can also chain `.configure().init();
// anotherFile.js
import { SupersetClient } from `@superset-ui/connection`;
SupersetClient.post(...requestConfig)
.then(({ request, json }) => ...)
.catch((error) => ...);
The following flags can be passed in the client config call
SupersetClient.configure(...clientConfig);
protocol = 'http:'
host
headers
credentials = 'same-origin'
(set to include
for non-Superset apps)mode = 'same-origin'
(set to cors
for non-Superset apps)timeout
csrfToken
you can configure the client with a CSRF token at configuration time, else the client
will attempt to fetch this before any other requests are issuedThe following flags can be passed on a per-request call SupersetClient.get/post(...requestConfig);
url
or endpoint
headers
body
timeout
signal
(for aborting, from const { signal } = (new AbortController())
)POST
requests
postPayload
(key values are added to a new FormData()
)stringify
whether to call JSON.stringify
on postPayload
valuesPer-request aborting is implemented through the AbortController
API:
import { SupersetClient } from '@superset-ui/connection';
import AbortController from 'abortcontroller-polyfill';
const controller = new AbortController();
const { signal } = controller;
SupersetClient.get({ ..., signal }).then(...).catch(...);
if (IWantToCancelForSomeReason) {
signal.abort(); // Promise is rejected, request `catch` is invoked
}
@data-ui/build-config
is used to manage the build configuration for this package including babel
builds, jest testing, eslint, and prettier.
FAQs
Superset UI connection
We found that @superset-ui/connection demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 14 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.