Research
/Security News
Shai Hulud Strikes Again (v2)
Another wave of Shai-Hulud campaign has hit npm with more than 500 packages and 700+ versions affected.
By Socket Research Team -  Nov 24, 2025
🚨 Shai-Hulud Strikes Again:More than 500 packages and 700+ versions compromised.Technical Analysis →
@telefonica/la-generator
Advanced tools
@telefonica/la-generator
Generate Living App project scaffolding and development environment
la-template
This project was bootstrapped with Telefonica's Living app generator.
Dependencies:
- node 14
- docker & docker-compose
Quick start
Complete config.env file with your configuration secrets
Install npm dependencies: make install
Check available commands: make help:
Usage: make <command>
Commands:
install: install all dependencies.
dev-dialogs: run dialogs on aura-mini-bot.
pack-dialogs: generate dialogs package.
install-dialogs: install dialogs dependencies.
tunnel: create SSH tunnel using ngrok & uptate azure bot endpoint.
dev-stb: run set-top-box-haac web server.
dev-stb-mock: run set-top-box-haac web server using mocked aura client.
launch-stb: launch local set-top-box-haac web application to STB.
install-stb: install set-top-box-haac web application dependencies.
build-stb: build set-top-box-haac web application.
build-stb-mock: build set-top-box-haac web application using mocked aura client.
dev-mh: run movistar-home web server.
dev-mh-mock: run movistar-home web server using mocked aura client.
install-mh: install movistar-home web application dependencies.
build-mh: build movistar-home web application.
build-mh-mock: build movistar-home web application using mocked aura client.
Dialogs and SSH tunnel
Command make dev-dialogs will build your dialogs and run them on aura-mini-bot using docker.
aura-mini-bot uses Microsoft DirectLine to exchange messages with client applications. You'll need to expose your host to Microsoft Azure:
run make tunnel, navigate to https://microsoft.com/devicelogin and use the code given by the command.
After login, this command will use ngrok service and update your azure bot endpoint url.
Webapps
Use make dev-stb and make dev-mh to run your webapps and comunicate with your dialogs using Azure Direct Line.
For development, use make dev-stb-mockand make dev-mh-mock to use a mocked version of Aura Client.
Configure your responses at webapps/common/mocks/index.ts
Lean more
FAQs
Generate Living App project scaffolding and development environment
We found that @telefonica/la-generator demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Package last updated on 10 Nov 2021
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Product
Introducing Webhook Events for Alert Changes
Add real-time Socket webhook events to your workflows to automatically receive software supply chain alert changes in real time.
By Phil Gates-Idem -  Nov 21, 2025
Security News
ENISA Becomes a CVE Root, Expanding Its Role in Europe’s Vulnerability Ecosystem
ENISA has become a CVE Program Root, giving the EU a central authority for coordinating vulnerability reporting, disclosure, and cross-border response.
By Sarah Gooding -  Nov 21, 2025