Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Cloud Development Kit for Kubernetes
Cloud Development Kit for Kubernetes
cdk8s is a software development framework for defining Kubernetes applications using rich object-oriented APIs. It allows developers to leverage the full power of software in order to define abstract components called "constructs" which compose Kubernetes resources or other constructs into higher-level abstractions.
This library is the foundation of cdk8s. It includes base types that are used to define cdk8s applications.
The Chart
is a container that synthesizes a single Kubernetes manifest.
class MyChart extends Chart {
constructor(scope: Construct, ns: string) {
super(scope, ns);
// add contents here
}
}
During synthesis, charts collect all the ApiObject
nodes (recursively) and
emit a single YAML manifest that includes all these objects.
An ApiObject
is a construct that represents an entry in a Kubernetes manifest.
In most cases, you won't use ApiObject
directly but rather use classes that
are generated by the cdk8s CLI and extend this base class.
cdk8s bundles a set of test utilities under the Testing
class:
Testing.app()
returns an App
object bound to a temporary output directory.Testing.synth(chart)
returns the Kubernetes manifest synthesized from a
chart.This project is distributed under the Apache License, Version 2.0.
This module is part of the cdk8s project.
FAQs
This is the core library of Cloud Development Kit (CDK) for Kubernetes (cdk8s). cdk8s apps synthesize into standard Kubernetes manifests which can be applied to any Kubernetes cluster.
The npm package cdk8s receives a total of 90,527 weekly downloads. As such, cdk8s popularity was classified as popular.
We found that cdk8s demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.