Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
apostrophe
Advanced tools
ApostropheCMS is a full-featured, open source CMS built with Node.js that seeks to empower organizations by combining in-context editing and headless architecture in a full-stack JS environment.
Documentation »
Demo
·
Roadmap
·
Report Bug
ApostropheCMS is content software for everyone in an organization. It helps teams of all sizes create dynamic digital experiences with elegance and efficiency by blending powerful features, developer happiness, and a low learning curve for content creators. Apostrophe has powered websites and web apps for organizations large and small for over a decade.
To get started with Apostrophe 3, follow these steps to set up a local development environment. For more detail, refer to the A3 getting started guide in the documentation.
We recommend installing the following with Homebrew on macOS. If you're on Linux, you should use your package manager (apt or yum). If you're on Windows, we recommend the Windows Subsystem for Linux.
Software | Minimum Version | Notes |
---|---|---|
Node.js | 12.x | Or better |
npm | 6.x | Or better |
MongoDB | 3.6 | Or better |
Imagemagick | Any | Faster image uploads, GIF support (optional) |
Discord - Twitter - Discussions
We eagerly welcome open source contributions. Before submitting a PR, please read through our Contribution Guide
ApostropheCMS is released under the MIT License.
4.8.0 (2024-10-03)
@apostrophecms/asset
module's new breakpointPreviewMode
option. Once enabled, the asset build process will duplicate existing media queries as container queries. There are some limitations in the equivalence between media queries and container queries. You can refer to the CSS @container at-rule documentation for more information. You can also enable breakpointPreviewMode.debug
to be notified in the console when the build encounters an unsupported media query.img
tags pointing to existing images, you can now import them all quickly. When supplying the rich text widget object, include an import
property with an html
subproperty, rather than the usual content
property. You can optionally provide a baseUrl
subproperty as well. Any images present in html
will be imported automatically and the correct figure
tags will be added to the new rich text widget, along with any other markup acceptable to the widget's configuration.newInstance
found in Apostrophe, e.g. for widgets, array items, relationship fields and documents themselves, have been consolidated in one implementation. The same code is now reused both on the front and the back end, ensuring the same result without the need to introduce additional back end API calls.@apostrophecms/page
module APIs no longer allow a page to become a child of itself. Thanks to Maarten Marx for reporting the issue.<use>
tags granted their xlink:href
property is a local reference and begins with the #
character. This improves SVG support while mitgating XSS vulnerabilities.piecesFilters
feature when using dynamic choices.title
as titleField
value by default (consistent with the Slat list).FAQs
The Apostrophe Content Management System.
The npm package apostrophe receives a total of 1,886 weekly downloads. As such, apostrophe popularity was classified as popular.
We found that apostrophe demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.