Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
atom-package-manager
Advanced tools
Discover and install Atom packages powered by atom.io
You can configure apm by using the apm config
command line option (recommended) or by manually editing the ~/.atom/.apmrc
file as per the npm config.
apm bundles npm with it and spawns npm
processes to install Atom packages. The major difference is that apm
sets multiple command line arguments to npm
to ensure that native modules are built against Chromium's v8 headers instead of node's v8 headers.
The other major difference is that Atom packages are installed to ~/.atom/packages
instead of a local node_modules
folder and Atom packages are published to and installed from GitHub repositories instead of npmjs.com
Therefore you can think of apm
as a simple npm
wrapper that builds on top of the many strengths of npm
but is customized and optimized to be used for Atom packages.
apm
is bundled and installed automatically with Atom. You can run the Atom > Install Shell Commands menu option to install it again if you aren't able to run it from a terminal (macOS only).
libsecret-1-dev
(or the relevant libsecret
development dependency) if you are on Linuxnpm install
; this will install the dependencies with your built-in version of Node/npm, and then rebuild them with the bundled versions../bin/npm run build
to compile the CoffeeScript code (or .\bin\npm.cmd run build
on Windows)./bin/npm test
to run the specs (or .\bin\npm.cmd test
on Windows)bin/npm
/ bin\npm.cmd
?apm
includes npm
, and spawns it for various processes. It also comes with a bundled version of Node, and this script ensures that npm uses the right version of Node for things like running the tests. If you're using the same version of Node as is listed in BUNDLED_NODE_VERSION
, you can skip using this script.
Run apm help
to see all the supported commands and apm help <command>
to
learn more about a specific command.
The common commands are apm install <package_name>
to install a new package,
apm featured
to see all the featured packages, and apm publish
to publish
a package to atom.io.
If you have 2fa enabled on your GitHub account, you'll need to generate a personal access token and provide that when prompted for your password.
If you are behind a firewall and seeing SSL errors when installing packages you can disable strict SSL by running:
apm config set strict-ssl false
If you are using a HTTP(S) proxy you can configure apm
to use it by running:
apm config set https-proxy https://9.0.2.1:0
You can run apm config get https-proxy
to verify it has been set correctly.
You can also run apm config list
to see all the custom config settings.
FAQs
Atom package manager
The npm package atom-package-manager receives a total of 26 weekly downloads. As such, atom-package-manager popularity was classified as not popular.
We found that atom-package-manager demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 14 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.