Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@warp-ds/component-classes
Advanced tools
This is the core package for Warp component classes.
The package includes component classes, such as:
pnpm install @warp-ds/component-classes
Install dependencies:
pnpm install
This project uses
Semantic Release to
automate package publishing when making changes to the main
or alpha
branch.
It is recommended to branch off the alpha
branch. Make sure alpha
branch is
updated with the latest main
.
Follow conventional commits
when making changes. When your changes are ready for pull request, this should be
opened against the alpha
branch.
Please note that the version published will depend on your commit message structure. You can use commitizen to help follow this structure:
npm install -g commitizen
When installed, you should be able to type cz
or git cz
in your terminal to
commit your changes (replacing git commit
).
1.0.0-alpha.46 (2023-04-28)
FAQs
WARP component classes
The npm package @warp-ds/component-classes receives a total of 80 weekly downloads. As such, @warp-ds/component-classes popularity was classified as not popular.
We found that @warp-ds/component-classes demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.