Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@wharfkit/antelope
Advanced tools
NOTICE: This was formerly the @greymass/eosio
library distributed on npmjs. Future distributions will be made using the new organization and namespace, and distributed as @wharfkit/antelope
again on npmjs.
To update your codebase, remove the @greymass/eosio
library and add the @wharfkit/antelope
library, then replace all instances of @greymass/eosio
with @wharfkit/antelope
in all files.
JavaScript library for working with Antelope powered blockchains (formerly EOSIO, still compatible with EOSIO).
Avaiable on npm: https://www.npmjs.com/package/@wharfkit/antelope
npm install @wharfkit/antelope
https://wharfkit.github.io/antelope/
Documentation beyond the automatically generated API documentation above is currently incomplete. Until full documentation is complete, the tests themselves provide good reference material on how to do nearly everything.
https://github.com/wharfkit/antelope/tree/master/test
More:
If you think you've found an issue with this codebase, please submit a pull request with a failing unit test to better help us reproduce and understand the issue you are experiencing.
To do this, fork this repository and create your own branch. In this new branch, use the test scaffolding at the path below to write code that either fails to execute, throws an error, or doesn't return the anticipated response.
./test/bug-report.ts
This specific test can be run within the root project folder either using make
:
grep="bug-report" make test
Or running mocha
directly from the installed ./node_modules
folder:
TS_NODE_PROJECT='./test/tsconfig.json' ./node_modules/.bin/mocha -u tdd -r ts-node/register -r tsconfig-paths/register --extension ts test/*.ts --grep="bug-report"
Once your test is failing and successfully shows the issue occurring, please submit a pull request to this repository. Feel free to include any additional details in the body of the pull request that might help us understand the situation.
NOTE: If you are performing API requests from within unit tests, you will need to prepend
MOCK_RECORD=true
to the above commands in order instruct the test running to execute and cache the API request. Any subsequent API requests will utilize this cache to prevent the test from continously accessing API endpoints. Prefixing your command withMOCK_RECORD=overwrite
is also possible which forces the test to ignore the cache and fetch new data.
make test
make coverage
The report for the current version can also be found at: https://wharfkit.github.io/antelope/coverage/
make browser-test
The browser test suite for the current version of the library is available at: https://wharfkit.github.io/antelope/tests.html
Instructions and notes on debugging typescript in your IDE. Explains how to match the Mocha test configuration found in the Makefile.
Notes on setting up IDE Debuggers
Made with ☕️ & ❤️ by Greymass, if you find this useful please consider supporting us.
FAQs
Library for working with Antelope powered blockchains.
The npm package @wharfkit/antelope receives a total of 3,005 weekly downloads. As such, @wharfkit/antelope popularity was classified as popular.
We found that @wharfkit/antelope demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.