Security News
New Python Packaging Proposal Aims to Solve Phantom Dependency Problem with SBOMs
PEP 770 proposes adding SBOM support to Python packages to improve transparency and catch hidden non-Python dependencies that security tools often miss.
admission-curriculum
Advanced tools
Challenges used by the admission process @Laboratoria
Note: Before going ahead, have a look at the admission documentation about typeform.
.typeformrc.example
file to .typeformrc
.typeformrc
carefullyThe Typeform ids required are:
"TYPEFORM_ID_BASE_LINE_QUESTIONNAIRE": "your-typeformid",
"TYPEFORM_ID_TESTS_READING": "your-typeformid",
"TYPEFORM_ID_TESTS_LOGIC": "your-typeformid",
"TYPEFORM_ID_TESTS_PERSONALITY": "your-typeformid",
Heads-up: There are two main keys: es-ES, pt-BR, for each available language, along with three sub-keys: development, staging and production, for each possible environment. Make sure you are setting up the right keys with the right values.
You can pass 2 arguments: --env
, --locale
development
| staging
| production
es-ES
| pt-BR
, default es-ES
The built topic will be stored in build/*
folder
Example:
npm run build -- --env=production --locale=pt-BR # --> build/admission-pt.json
npm run validate
npm run mdlint
npm run test
Once the topic is built, the next step is creating a new topic by making a request to Laboratoria API so that the new topic is available to be used by any cohort. You can use any HTTP Client tool, e.g. Postman, Insomnia, or if you love cli tools 🤟, I recommend using httpie
Note: The endpoint to create new topics requires authentication as well as the admin role. So, you should get an auth token before.
Example using httpie
# Authenticate to get a JWT (Json Web Token)
http POST http://api.laboratoria.la/auth email=myemail@testing.com password=xxxxxxx
# Upload a built topic
http POST https://api.laboratoria.la/topics 'Authorization:Bearer <token>' < ./build/admission.json
FAQs
Challenges used by the admission process @Laboratoria
The npm package admission-curriculum receives a total of 0 weekly downloads. As such, admission-curriculum popularity was classified as not popular.
We found that admission-curriculum demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
PEP 770 proposes adding SBOM support to Python packages to improve transparency and catch hidden non-Python dependencies that security tools often miss.
Security News
Socket CEO Feross Aboukhadijeh discusses open source security challenges, including zero-day attacks and supply chain risks, on the Cyber Security Council podcast.
Security News
Research
Socket researchers uncover how threat actors weaponize Out-of-Band Application Security Testing (OAST) techniques across the npm, PyPI, and RubyGems ecosystems to exfiltrate sensitive data.