Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Alloy is an MVC application framework by TiDev for the Titanium SDK.
# install the latest stable
[sudo] npm install -g alloy
# install a specific version
[sudo] npm install -g alloy@1.4.1
# install cutting edge directly from github
[sudo] npm install -g git://github.com/tidev/alloy.git
Alloy includes many sample and test apps in the sample/apps folder (see above). For example, basics/simple. You can run these in a few different ways:
Beginning with Alloy 1.6, you can do the following:
# first, create a Titanium Classic project
titanium create --name yourAppName
cd yourAppName
# then, convert it to an Alloy project, using the test app as a template
alloy new . --testapp basics/simple
# first, clone the repo
git clone https://github.com/tidev/alloy.git
cd alloy
# install jake globally
[sudo] npm install -g jake
# install alloy globally from the cloned repo
[sudo] npm install -g .
# install alloy's local testing dependencies
npm install
# run a test app
jake app:run dir=basics/simple
jake
including the arguments and flags it accepts.sudo
with the jake
command if you run into permission errors.jake
from within a user folder (i.e. C:\Users\tony\alloy
), as you can get all kinds of non-obvious permissions failures from the child processing Alloy does. Your safest bet is to just git clone
right to C:\alloy
.jake test:all
or npm test
, you do so on a non-Windows OS to ensure there's no red herring failures until the aforementioned node.js issue is resolved.jake test:all
, do jake test:spec[SPEC_NAME]
, where SPEC_NAME
is JS file in the test specs folder.Interested in contributing? There are several ways you can help contribute to this project.
Source code contributions are always welcome! Before we can accept your pull request, you must sign a Contributor License Agreement (CLA). Please visit https://tidev.io/contribute for more information.
Please consider supporting this project by making a charitable donation. The money you donate goes to compensate the skilled engineeers and maintainers that keep this project going.
TiDev wants to provide a safe and welcoming community for everyone to participate. Please see our Code of Conduct that applies to all contributors.
If you find a security related issue, please send an email to security@tidev.io instead of publicly creating a ticket.
For the latest information, please find us on Twitter: Titanium SDK and TiDev.
Join our growing Slack community by visiting https://slack.tidev.io
Titanium is a registered trademark of TiDev Inc. All Titanium trademark and patent rights were transferred and assigned to TiDev Inc. on 4/7/2022. Please see the LEGAL information about using our trademarks, privacy policy, terms of usage and other legal information at https://tidev.io/legal.
FAQs
TiDev Titanium MVC Framework
The npm package alloy receives a total of 590 weekly downloads. As such, alloy popularity was classified as not popular.
We found that alloy demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.