
Research
Two Malicious Rust Crates Impersonate Popular Logger to Steal Wallet Keys
Socket uncovers malicious Rust crates impersonating fast_log to steal Solana and Ethereum wallet keys from source code.
cannon-blog
Advanced tools
A server and client side ReactJS powered blogging engine.
Please note Cannon is not ready yet! By all means try and use it but you'll definitely run into lots of problems. I'm keeping a rough plan of work in the Trello board.
Cannon is run as a series of ExpressJS middlewares that you run on a server locally whilst building and developing your site. Once you're ready to deploy, Cannon provides you with a tool to generate a directory of static files containing your application. These can then be pushed live (GitHub Pages, Amazon S3, for example) to any host that can store static files. No server is needed in production, and your site will work in clients with and without JavaScript enabled.
The idea from Cannon and a lot of the approach is taken from How we built the new gocardless.com.
Cannon is currently very unstable and should not be considered ready for use. As it gets to that stages more documentation will be written.
Your first step is to create a new empty folder for your project and run:
npm init
npm install --save cannon-blog
This will create a new project and install cannon-blog
. Cannon provides a
script for initialising a new project:
cannon-init
The init script will install other dependencies required (React, Express and others) and then create a small site for you containing an index page and one blog post.
You can then fire up the development server:
./node_modules/.bin/cannon-dev
And in another tab, the webpack server which will generate and serve the clientside bundle.
./node_modules/.bin/cannon-webpack
And visit http://localhost:8123
to see your new blog in all its glory.
Note that the very first time you run cannon-dev
, you will see an error. Currently you have to hit the site first for the bundle to be correctly generated. Then you can restart the server and everything should work. This is on the list of TODOs!
Coming Soon
Coming Soon
FAQs
A ReactJS Blogging engine
The npm package cannon-blog receives a total of 2 weekly downloads. As such, cannon-blog popularity was classified as not popular.
We found that cannon-blog demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Socket uncovers malicious Rust crates impersonating fast_log to steal Solana and Ethereum wallet keys from source code.
Research
A malicious package uses a QR code as steganography in an innovative technique.
Research
/Security News
Socket identified 80 fake candidates targeting engineering roles, including suspected North Korean operators, exposing the new reality of hiring as a security function.