Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
A router for client-side (browser) JS applications.
Features:
This module makes use of a Makefile
for building/testing purposes. After obtaining a copy of the repo, run the following commands to make sure everything is in working condition before you start your work:
make install
make test
Before committing a change to your fork/branch, run the following commands to make sure nothing is broken:
make test
make test-cov
Don't forget to bump the version in the package.json
using the semver spec as a guide for which part to bump. Submit a pull request when your work is complete.
Notes:
npm install coordinate
This module assumes that you are using browserify to bundle your client-side code.
To use the router, require it in and initialize it like so:
var router = require('coordinate').getInstance(),
routes = [ '/', '/users', '/users/{userId}' ];
router.on('change', function(data) {
console.log(data.route); // the string route that was hit
console.log(data.params); // an object that contains any path parameters
console.log(data.context); // context data that was passed to the router.go method
console.log(data.history); // an Array of strings that contain the past paths that were navigated to
});
router.initialize({ routes: routes });
The following methods are available on the router
instance:
initialize(options:Object)
Initializes the routes. This method must be called before any of the other methods.
options
An object that contains the information needed to configure the router.
routes
A collection of valid routes.
Required.
root
The root path that all routes are appended to. For example, if the root is set to '/api', and there is a route '/users', then the expected full path would either be '/api/users' or '/api/#/users' depending on whether it is using the URL hash or HTML5 history API.
Defaults to '/'
isCaseSensitive
A flag that denotes whether the provided route paths should be considered case sensitive or not.
Defaults to false
useHash
A flag that denotes whether or not to use the hash for route paths, or to use the HTML5 history API.
Defaults to false
go(path:String, context:Object)
Looks up the route associated to the path, changes the hash or url in the browser, and emits a change event with the route that was hit, the path parameters, the context that was passed, and an array of the history of previous paths hit.
The MIT License (MIT)
FAQs
A router based on the hapijs call module targeted at the browser
The npm package coordinate receives a total of 0 weekly downloads. As such, coordinate popularity was classified as not popular.
We found that coordinate demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.