Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
azure-devops-extension-sdk
Advanced tools
Client SDK and TypeScript declare files for developing Azure DevOps extensions.
The client SDK enables web extensions to communicate to the host frame. It can be used to:
See the Develop a web extension for Azure DevOps documentation for instructions on getting started with a new extension. You can also refer to the azure-devops-extension-sample repository as a working reference.
azure-devops-extension-sdk
to the list of dependencies in your package.jsonimport * as SDK from "azure-devops-extension-sdk"
to your TypeScript codeWhen you have rendered your extension content, call SDK.init()
. Your extension content will not be displayed until you have notified the host frame that you are ready. There are two options for doing this:
SDK.init()
with no loaded
optionSDK.init({ loaded: false })
to start initializing the SDK. Then call SDK.notifyLoadSucceeded()
once you have finished your initial rendering. This allows you to make other SDK calls while your content is still loading (and hidden behind a spinner).Example:
import * as SDK from "azure-devops-extension-sdk";
SDK.init();
Full API reference of DevOps.SDK.js can be found at Core Client SDK page.
This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.
FAQs
Azure DevOps web extension JavaScript library.
The npm package azure-devops-extension-sdk receives a total of 1,199 weekly downloads. As such, azure-devops-extension-sdk popularity was classified as popular.
We found that azure-devops-extension-sdk demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.