Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
clever-client
Advanced tools
JavaScript client for Clever-Cloud API.
First you need to install the npm dependencies:
npm install
Then you need to run the npm script build
and provide the API endpoint you want to use:
API_BASE_URL="https://api.clever-cloud.com/v2" npm run build
This will build a two bundles (non-minified and minified) in dist
: clever-client.js
and clever-client.min.js
.
Those bundles can be used with node.js or in a browser environment.
Once you've built a client, you can create a release and publish it on npmjs.com.
To create a new release, you need to update package.json
and package-lock.json
with the new version, create a commit and add a git tag.
This can be done with this command:
npm version minor
NOTE: Most of the time, you need to update the client because the API changed. For this kind of cases a minor update will be OK. If a minor update is not what you're looking for, you can check the other options of npm version.
After this step, you're ready to publish this new version:
npm publish
If you're working with a new (or modified) API that is only available on the preprod env, you need a way to generate a client for this version and use it locally in your projects.
To do this, you need to run the build
script with the preprod endpoint:
API_BASE_URL="https://ccapi-preprod.cleverapps.io/v2" npm run build
Then, you need to generate a local package:
npm pack
This will generate a local archive named clever-client-X.Y.Z.tgz
.
You can use this archive in your local projects to try and test the new (or modified) APIs.
If your project uses npm, you'll have to do this:
npm install path/to/clever-client-X.Y.Z.tgz
This will override the version specified in the package.json
.
If your project uses yarn, you'll have to do this:
yarn cache clean clever-client
yarn add -f path/to/clever-client-X.Y.Z.tgz
FAQs
Javascript models for Clever-Cloud API
The npm package clever-client receives a total of 1 weekly downloads. As such, clever-client popularity was classified as not popular.
We found that clever-client demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 6 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.