Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
create-storm-workspace
Advanced tools
⚡A CLI tool used to generate and fully configure a Storm Workspace repository.
[!IMPORTANT] This repository, and the apps, libraries, and tools contained within, is still in it's initial development phase. As a result, bugs and issues are expected with it's usage. When the main development phase completes, a proper release will be performed, the packages will be availible through NPM (and other distributions), and this message will be removed. However, in the meantime, please feel free to report any issues you may come across.
This package can be used to generate a Storm workspace.
It is essentially a wrapper around the Nx CLI that adds some additional functionality.
Using pnpm:
pnpm add -g create-storm-workspace
npm install -g create-storm-workspace
yarn add -g create-storm-workspace
Run nx build create-storm-workspace
to build the library.
Run nx test create-storm-workspace
to execute the unit tests via
Jest.
Storm workspaces are built using Nx, a set of extensible dev tools for monorepos, which helps you develop like Google, Facebook, and Microsoft. Building on top of Nx, the Open System provides a set of tools and patterns that help you scale your monorepo to many teams while keeping the codebase maintainable.
See the open issues for a list of proposed features (and known issues).
Reach out to the maintainer at one of the following places:
This project is licensed under the Apache License 2.0. Feel free to edit and distribute this template as you like.
See LICENSE for more information.
This project adheres to Semantic Versioning. Every release, along with the migration instructions, is documented in the CHANGELOG file
First off, thanks for taking the time to contribute! Contributions are what makes the open-source community such an amazing place to learn, inspire, and create. Any contributions you make will benefit everybody else and are greatly appreciated.
Please try to create bug reports that are:
Please adhere to this project's code of conduct.
You can use markdownlint-cli to check for common markdown style inconsistency.
Thanks goes to these wonderful people (emoji key):
Patrick Sullivan 🎨 💻 🔧 📖 ⚠️ | Tyler Benning 🎨 | Stormie 🚧 |
Add your contributions |
This project follows the all-contributors specification. Contributions of any kind welcome!
Storm Software is an open source software development organization and creator of Acidic, StormStack and StormCloud.
Our mission is to make software development more accessible. Our ideal future is one where anyone can create software without years of prior development experience serving as a barrier to entry. We hope to achieve this via LLMs, Generative AI, and intuitive, high-level data modeling/programming languages.
Join us on Discord to chat with the team, receive release notifications, ask questions, and get involved.
If this sounds interesting, and you would like to help us in creating the next generation of development tools, please reach out on our website or join our Slack channel!
FAQs
⚡A CLI tool used to generate and fully configure a Storm Workspace repository.
The npm package create-storm-workspace receives a total of 19 weekly downloads. As such, create-storm-workspace popularity was classified as not popular.
We found that create-storm-workspace demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.