
Research
Two Malicious Rust Crates Impersonate Popular Logger to Steal Wallet Keys
Socket uncovers malicious Rust crates impersonating fast_log to steal Solana and Ethereum wallet keys from source code.
@vrbo/jarviz-graph
Advanced tools
Jarviz graph tool is designed for graphing the dependency coupling data for Java applications. The dependency coupling data provided as a JSON Lines (.jsonl) file is generated from Jarviz Java library.
In order to run the tool, Jarviz Graph expects node and npm to be installed in the system as a prerequisite.
$ npm install
$ npm run build:example
The output is generated as HTML files in the build
directory using the mock coupling data from lib/mock
directory.
To generate the HTML graph using specified coupling data, run:
npx "@homeaway/jarviz-graph" -i <Input Directory> -o <Output Directory>
-i, --input <path> Input path to the directory containing Jarviz JSONL
-o, --output <path> Output path to the directory for HTML graph
This project is available under the Apache 2.0 License.
Copyright 2020 Expedia, Inc.
[0.1.7] - 2021-05-06
FAQs
Utility for graphing JAR coupling data provided via jarviz
The npm package @vrbo/jarviz-graph receives a total of 1 weekly downloads. As such, @vrbo/jarviz-graph popularity was classified as not popular.
We found that @vrbo/jarviz-graph demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 10 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Socket uncovers malicious Rust crates impersonating fast_log to steal Solana and Ethereum wallet keys from source code.
Research
A malicious package uses a QR code as steganography in an innovative technique.
Research
/Security News
Socket identified 80 fake candidates targeting engineering roles, including suspected North Korean operators, exposing the new reality of hiring as a security function.