Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
clusterstart
Advanced tools
Enable clusterization of an app via a launching commandline argument (--clusterize [number of cores]).
The purpose of this module is to enable an app created in Node.js to run either in cluster or on a signle core.
$ npm install clusterstart
clusterstart allows you to import the clusterstart module into your app, then just run it as a cluster. $ node app.js --clusterize
It also allows you to specify the number of cores to run it on. $ node app.js --clusterize 4
If no number is passed, then it runs on all available cores. Likewise if the number passed in is more than the available cores, it will default to the available cores.
var clusterstart = require('clusterstart'),
http = require('http');
http.Server(function(req, res) {
res.writeHead(200);
res.end("hello world\n");
}).listen(8000);
And to run:
$ node app.js --clusterize
FAQs
Enable clusterization of an app via a launching commandline argument (--clusterize [number of cores]).
The npm package clusterstart receives a total of 1 weekly downloads. As such, clusterstart popularity was classified as not popular.
We found that clusterstart demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.