![Malicious npm Package Typosquats react-login-page to Deploy Keylogger](https://cdn.sanity.io/images/cgdhsj6q/production/007b21d9cf9e03ae0bb3f577d1bd59b9d715645a-1024x1024.webp?w=400&fit=max&auto=format)
Research
Security News
Malicious npm Package Typosquats react-login-page to Deploy Keylogger
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
dgeni-packages
Advanced tools
Changelog
v0.10.0-beta.1 25th July 2014
This is a major rearchitecture in line with changing to dgeni@0.4.0
There are numerous breaking changes surrounding this release and that of dgeni 0.4.0. The most important changes are
Configuration is done directly on the Processors and Services using Configuration Blocks, which are defined on Packages.
Everything is now dependency injected. Dgeni deals with instantiating Processors and Services but if you have properties on these that reference objects that should also be instantiated by the DI system then you can either ask for them to be injected into the config block:
myPackage.config(function(processor1, someObj) {
processor1.someProp = someObj;
});
use the injector
directly:
myPackage.config(function(processor1, injector) {
processor1.someProp = injector.invoke(someObjFactory);
});
or use the getInjectables()
helper service:
myPackage.config(function(processor1, getInjectables) {
processor1.someProp = getInjectables([someObjFactory, someOtherObjFactory]);
});
All real processors have changed their names from dash-case to camelCase. This is because it is easier for their names to be valid JavaScript identifiers.
The most significant commits are:
getRenderer()
method 4f50737bReadme
This repository contains a collection of dgeni packages that can be used by the dgeni documentation generator to create documentation from source code.
Out of the box there are the following packages:
Error: No provider for "templateEngine"! (Resolving: templateEngine)
base
PackagedebugDumpProcessor
- dump the current state of the docs array to a file (disabled by default)readFilesProcessor
- used to load up documents from files. This processor can be configured to use a
set of file readers. There are file readers in the jsdoc
and ngdoc
packages.renderDocsProcessor
- render the documents into a property (doc.renderedContent
) using a
templateEngine
, which must be provided separately - see nunjucks
package.unescapeCommentsProcessor
- unescape comment markers that would break the jsdoc comment style,
e.g. */
writeFilesProcessor
- write the docs to diskcreateDocMessage
- a helper for creating nice messages about documents (useful in logging and
errors)encodeDocBlock
- convert a block of code into HTMLtemplateFinder
- search folders using patterns to find a template that matches a given document.trimIndentation
- "intelligently" trim whitespace indentation from the start of each line of a block
of text.The template used to render the doc is computed by the templateFinder
, which uses the first match
from a set of patterns in a set of folders, provided in the configuration. This allows a lot of control to provide
generic templates for most situations and specific templates for exceptional cases.
Here is an example of some standard template patterns:
templateFinder.templatePatterns = [
'${ doc.template }',
'${doc.area}/${ doc.id }.${ doc.docType }.template.html',
'${doc.area}/${ doc.id }.template.html',
'${doc.area}/${ doc.docType }.template.html',
'${ doc.id }.${ doc.docType }.template.html',
'${ doc.id }.template.html',
'${ doc.docType }.template.html'
]
nunjucks
PackageThis package provides a nunjucks driven implementation of the templateEngine
required by the
base
package renderDocsPocessor
. The "nunjucks" JavaScript template tool-kit to generates HTML
based on the data in each document. We have nunjucks templates, tags and filters that
can render links and text as markdown and will highlight code.
nunjucks-template-engine
- provide a templateEngine
that uses the Nunjucks template library
to render the documents into text, such as HTML or JS, based on templates.jsdoc
Package### File Readers:
jsdoc
- can read documents from jsdoc style comments in source code files.codeNameProcessor
- infer the name of the document from the code following the document in the source
file.computePathProcessor
- infer the path to the document, used for writing the file and for navigation
to the document in a web app.parseTagsProcessor
- use a tagParser
to parses the jsdoc tags in the document content.extractTagsProcessor
- use a tagExtractor
to extract information from the parsed tags.inlineTagsProcessor
- Search the docs for inline tags that need to have content injectedThe jsdoc
package contains definitions for a number of standard jsdoc tags including: name
,
memberof
, param
, property
, returns
, module
, description
, usage
,
animations
, constructor
, class
, classdesc
, global
, namespace
, method
, type
and
kind
.
This package provides a number of tagTransform services that are used in tag Definitions to transform the value of the tag from the string in the comment to something more meaningful in the doc.
extractNameTransform
- extract a name from a tagextractTypeTransform
- extract a type from a tagtrimWhitespaceTransform
- trim whitespace from before and after the tag valueunknownTagTransform
- add an error to the tag if it is unknownwholeTagTransform
- Use the whole tag as the value rather than using a tag propertyThis package does not provide any templates nor a templateEngine
to render templates (use the
nunjucks
package to add this).
ngdoc
PackageThe ngdoc
Package depends upon the jsdoc
and nunjucks
packages.
ngdoc
- can pull a single document from an ngdoc content file.apiDocsProcessor
-This processor runs computations that are specifically related to docs for API components. It does the following:
components
propertyapiDocsProcessor has the following configuration options available (listed with the default values set):
apiDocsProcessor.apiDocsPath = undefined; // This is a required property that you must set
apiDocsProcessor.outputPathTemplate = '${area}/${module}/${docType}/${name}.html';
apiDocsProcessor.apiPathTemplate = '${area}/${module}/${docType}/${name}';
apiDocsProcessor.moduleOutputPathTemplate = '${area}/${name}/index.html';
apiDocsProcessor.modulePathTemplate = '${area}/${name}';
});
generateComponentGroupsProcessor
-
Generate documents for each group of components (by type) within a module
computeIdProcessor
-
Compute the id property of the doc based on the tags and other meta-data
computePathProcessor
-
Compute the path and outputPath for docs that do not already have them
filterNgdocsProcessor
-
For AngularJS we are only interested in documents that contain the @ngdoc tag. This processor
removes docs that do not contain this tag.
collectPartialNames
-
Add all the docs to the partialNameMap
getLinkInfo()
getPartialNames()
gettypeClass()
moduleMap
parseCodeName()
patialNameMap
This package provides a set of templates for generating an HTML file for each document: api, directive, error, filter function, input, module, object, overview, provider, service, type and a number to support rendering of the runnable examples.
You should be aware that because of the overlap in syntax between Nunjucks bindings and AngularJS bindings, the ngdoc package changes the default Nunjucks binding tags:
`` templateEngine.config.tags = { variableStart: '{$', variableEnd: '$}' };
## `examples` Package
This package is a mix-in that provides functionality for working with examples in the docs.
### Processors
* `parseExamplesProcessor` -
Parse the `<example>` tags from the content and add them to the `examples` service
* `generateExamplesProcessor` -
Add new docs to the docs collection for each example in the `examples` service that will be rendered
as files that can be run in the browser, for example as live in-place demos of the examples or for
e2e testing.
### Services
* examples - a hash map holding each example by name
FAQs
Unknown package
We found that dgeni-packages demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
Security News
The JavaScript community has launched the e18e initiative to improve ecosystem performance by cleaning up dependency trees, speeding up critical parts of the ecosystem, and documenting lighter alternatives to established tools.
Product
Socket now supports four distinct alert actions instead of the previous two, and alert triaging allows users to override the actions taken for all individual alerts.