Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
annotator-pouchdb
Advanced tools
PouchDB provides a fabulous offline-first storage option with the power to replicate between Apache CouchDB , IBM Cloudant, and others.
Annotations are often personal things that you may want to share later. This plugin allows you to add offline-first storage into your Annotator-based extension, app, or UI.
$ npm install
$ npm run anno # builds annotator.js
$ npm run dev # builds annotator-pouchdb.js
You can then open the included index.html
file and annotate it, or run it
inside a local web server (try python -m SimpleHTTPServer
if you have python
handy and are in a hurry).
Use index.html
as a reference for your project.
Obviously, there comes a time where you might want these annotations to live
in at least one other place. PouchDB supports the Apache CouchDB Replication
Protocol and you can use the .sync()
method to keep your offline-first copy in sync with a remote Apache CouchDB
or IBM Cloudant database.
Apache 2.0
FAQs
Annotator Storage with PouchDB (and/or CouchDB)
We found that annotator-pouchdb demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.