Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
capstone-file-manager
Advanced tools
The module reveals simple API, which helps CapstoneJS developers to store files locally, without using third-party services
The tool lets you store files on your server, without using third-party services like Cloudinary. It simplifies the original capstone Storage API, takes care about setting File storage for your files, deletes useless files.
Node >= v8.9.2 Mongo >= v3.4.0 The tool has NOT been tested on earlier versions.
As far as you're using capstone-file-manager
, you should not set CapstoneJS file Storage, cause it's set inside of capstone-file-manager
.
npm install capstone-file-manager
capstone-file-manager
is meant to be used in models. In order to use the it do the following:
capstone
and capstone-file-manager
(returns a javascript class).capstone.List
.capstone-file-manager
and pass the instance of capstone.List
to constructor.init
method on newly created instance of capstone-file-manager
.add
method on the instance of capstone.List
.const capstone = require('capstone);
const capstoneFileManager = require('capstone-file-manager');
const model = new capstone.List('modelName');
new capstoneFileManager(model).init();
model.add(); // add fields here
Options are used as follows:
capstone.init({
'kfm public url': '/images/',
'kfm virtual prop key': 'src',
'kfm uploaded files storage': '/uploads/images/'
});
There are three of them presented:
kfm uploaded files storage
Set path on the server where files will be stored.
If you set the option to /uploads/images/
, files will be stored in /uploads/images/
folder on your server.
kfm public url
Set the url where files will be reachable.
Default value: /images/
You can set this option to /path-to-images/
, then file with the name my-file.jpg
will be reachable on your-domain.com/path-to-images/my-file.jpg
kfm virtual prop key
Set the name of virtual property, where link to the file will be stored.
Default value: src
Imagine, you have the following model:
const capstone = require('capstonejs');
const types = capstone.Field.Types;
const fileManager = require('capstone-file-manager');
const model = new capstone.List('modelName');
new fileManager(model).init();
model.add({
title: { type: types.Text },
icon: { type: types.File }
});
... and later, in your template, you're gonna to get the link to the file as follows (in example we're using pug
template engine, but this is not mandatory):
img(src= icon.src)
Pay attention, that the link to the file is stored in src
property. If you change the kfm virtual prop key
to, for instance, myBeatifulVirtualProp
, then link to the file will be stored there, like:
img(src= icon.myBeatifulVirtualProp)
The tool is built according to Facade pattern. It reveals only one simple method init and for correct work requires model. Capstone-file-manager wraps the capstone add
method and does some magic inside.
FAQs
The module reveals simple API, which helps CapstoneJS developers to store files locally, without using third-party services
The npm package capstone-file-manager receives a total of 5 weekly downloads. As such, capstone-file-manager popularity was classified as not popular.
We found that capstone-file-manager demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.