Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
auto-views
Advanced tools
the auto-views component family includes components that genarate views from JSON schemas.
the json schemas are based on a subset of the json schema syntax JSONschema.org.
by using a common schema and different view-Generators we can create many different views from the same schema
the json schema
{
"$id": "http://example.com/user",
"type":"object",
"title":"User",
"properties":{
"fName":{
"type":"string",
"title":"First name"
},
"lName":{
"type":"string",
"title":"Last name"
},
"age":{
"type":"number",
"title":"Age"
}
}
}
can be generated into:
the following view:
the following editing view:
the following table view:
and the following list views:
the schemas are defined in JSON format with the minimal schema {}
representing "any" type.
the following meta-data fields are supported:
a schema can denote its acceptable type/types using the type keyword, available options: "string","number","boolean","null","array" or "object"
{
"$id":"http://example.com/product",
"title":"Product",
"type":"object"
}
each type adds its own validation keywords:
{
"$id":"http://example.com/person",
"type":"object",
"properties":{
"lastName":{
"type":"string"
}
}
}
// a named property called "lastName" with value of type string
{
"$id":"http://example.com/stringToNumberMap",
"type":"object",
"additionalProperties":{
"type":"number"
}
}
//string to number map example
a schema can reference another schema usinng the ref keyword
{
"$id":"http://example.com/person",
"type":"object",
"properties":{
"lastName":{
"type":"string"
}
}
}
{
"$id":"http://example.com/task",
"type":"object",
"properties":{
"owner":{
"$ref":"http://example.com/person"
}
}
}
//the task schema refernces the person schema
a schema can be defined as a union between other schemas
{
"$id":"http://example.com/image",
"type":"object",
"properties":{
"src":{
"type":"string"
}
}
}
{
"$id":"http://example.com/video",
"type":"object",
"properties":{
"src":{
"type":"string"
}
}
}
{
"$id":"http://example.com/post",
"type":"object",
"properties":{
"media":{
"$oneOf":[{"$ref":"http://example.com/image"},{"$ref":"http://example.com/video"}]
}
}
}
//the post schema refernces multiple schemas
the following meta-data fields have been added for better GUI generation:
{
"$id": "http://example.com/MpImage",
"title":"MpImage",
"description":"Wix media platform image",
"views":{
"view":{
"controller":"MpImageViewer",
"props":{
"cropMode":"Center"
}
}
}
}
{
"$id":"http://example.com/user",
"title":"User",
"type":"object",
"properties":{
"fName":{
"type":"string",
"uiGroup":"name"
}
},
"lName":{
"type":"string",
"uiGroup":"name"
},
"age":{
"type":"number"
}
}
}
because the schemas are used to create GUI, it is sometimes usefull to define extra schemas for the same dataType (views), this should be used only for differnt views and not apply any different validation.
in these cases it is usefull to have the view schemas explicitly reference the base schema that defines the validation using the $viewOf keyword
base schema:
{
"$id":"http://example.com/user",
"title":"User",
"type":"object",
"properties":{
"fName":{
"type":"string"
},
"lName":{
"type":"string"
},
"age":{
"type":"number"
}
}
}
extra view:
{
"$id":"http://example.com/user/partialView",
"$viewOf":"http://example.com/user",
"title":"User",
"type":"object",
"properties":{
"fName":{},
"lName":{}
}
}
auto generating schemas is possible through third party projects - add link here
using this method the following typescipt code sitting in src/components/bobs.ts:
/**
* @id bob
*/
interface bob{
age:number;
}
//unique id set by user
interface bobsUncle{
cousin:bob;
}
//unique id is auto generated from project structure
will result in the 2 following generated schemas
{
"$id":"http://npmJs/{project-name}/bob",
"properties":{
"age":{
"type":"number"
}
}
}
{
"$id":"http://npmJs/{project-name}/dist/src/components/bobs.ts/bobsUncle",
"properties":{
"cousin":{
"$ref":"http://npmJs/{project-name}/bob"
}
}
}
auto-views
|
|--src - source code.
|
|--test - test code. browser tests end with: spec.ts/x
| node tests end with: .node-spec.ts/x
|
|--demo - demo of all components.
|
|--lib - target code generated by build script.
The following scripts are available:
npm start
-
Runs webpack-dev-server (watching, hot-reloading), with access to demos and browser tests available via http://localhost:8080/webpack-dev-server
npm run build
-
Transpiles src
into lib
. Run automatically on prepublish.
npm test
-
Runs test:browser
and test:node
scripts. See below.
npm run test:browser
-
Runs karma for an automated single run of browser tests. For watch mode, see start
script above.
npm run test:node
-
Runs mocha for an automated single run of node tests.
For watch mode, you can pass in the watch flag: npm run test:node -- -w
FAQs
Common, fully-tested, strictly-typed, Wix-styled, auto views library
The npm package auto-views receives a total of 1 weekly downloads. As such, auto-views popularity was classified as not popular.
We found that auto-views demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.