Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
angular-eha.autofocus
Advanced tools
Install with npm:
npm install --save angular-eha.autofocus
Or alternatively bower:
bower install --save angular-eha.autofocus
The distribution bundle comes in 2 flavours, one with templates, one without - as well as providing both minified and unminfied versions of both, so take your pick:
Then simply add eha.autofocus
and eha.autofocus.templates
(if you want templates!) as a dependencies somewhere in your project that makes sense and you're good to go.
If you're using wiredep dist/angular-eha.autofocus.template.js
will be injected by default. If you don't want that to happen you'll like want to employ something along the following lines in your Gruntfile
:
wiredep: {
...
options: {
exclude: [
'bower_components/angular-eha.autofocus/dist/angular-eha.autofocus.templates.js'
]
}
...
}
Then you're free to include whichever bundle you prefer in what ever manner you prefer.
<html ng-app="backButtonExample">
<head>
<title>Back Button Example</title>
<script src="bower_components/angular/angular.js"></script>
<script src="bower_components/angular/angular-eha.autofocus.js"></script>
<script>
angular.module('backButtonExample', [
'eha.autofocus'
]);
</script>
</head>
<body>
<!-- Put an example here! -->
</body>
</html>
# Fork the upstream repo on github and pull down your fork
git clone git@github.com:yourusername/angular-eha.autofocus.git
# change into project folder
cd angular-eha.autofocus
# Add the upstream as a remote
git remote add upstream git@github.com:eHealthAfrica/angular-eha.autofocus.git
# Install the dev dependencies
npm install
Code should be documented following the guidelines set out by jsdoc and ngdoc. We can then leverage Dgeni or something simlary to generate documentation in any format we like.
The test suite is configured to run in Firefox and is powered by:
The library is conducive to TDD. grunt test:watch
is your friend. As modules (and templates) are exposed on their own namespaces you can easily isolate areas of the codebase for true unit testing without being forced to pull in the whole library or stub/mock modules irrelevent to the feature(s) you're testing.
grunt test
grunt test:watch
Transpiling our html templates into js allows us to neatly push them into the $templateCache
.
To transpile the templates it's another simple grunt command:
grunt templates
This will compile the templates to the dist/
folder. But it's probably best to avoid this all together. Both the grunt test
and grunt release
commands take care of all of this for you.
If you need to override the default template, simply replace what's already in the $templateCache
with what ever you want. One way to achieve this is like this:
<script id="templates/back-button.directive.tpl.html" type="text/html">
<button>I'm a button!</button>
</script>
To make a release, ensure you have issued grunt build
, committed the distribution package and tagged the commit with an appropriate version according to the SemVer spec.
To make this easy for you, there's a handy grunt task. Simply issue grunt release:major|minor|patch
and grunt will take care of building, committing and tagging for you. Then make a PR to the master branch of the upstream, merge upon CI build success and then all that's left to do is to push the tags to the upstream.
e.g:
grunt release:minor
git pull-request -b eHealthAfrica:master
git push upstream --tags
To publish a new version to npm, simply issue from the command line prior making a release (i.e.issuing a grunt release
and pushing both commits and tags to the upstream):
npm publish
### Publishing to bower
Publishing to bower is slightly simpler in so far that you only have to do it once, and not explicitly for every release like npm:
e.g.
bower register angular-eha.autofocus https://github.com/eHealthAfrica/angular-eha.autofocusgit
Copyright 2015 Matt Richards (eHealthAfrica)
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
v1.0.0 - 03/03/2015
FAQs
An autofocus directive
We found that angular-eha.autofocus demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.