
Research
/Security News
Critical Vulnerability in NestJS Devtools: Localhost RCE via Sandbox Escape
A flawed sandbox in @nestjs/devtools-integration lets attackers run code on your machine via CSRF, leading to full Remote Code Execution (RCE).
the command-line interface for elm-spa
npm install -g elm-spa@latest
$ elm-spa help
elm-spa – version 6.0.6
Commands:
elm-spa new . . . . . . . . . create a new project
elm-spa add <url> . . . . . . . . create a new page
elm-spa build . . . . . . one-time production build
elm-spa server . . . . . . start a live dev server
Other commands:
elm-spa gen . . . . generates code without elm make
elm-spa watch . . . . runs elm-spa gen as you code
Visit https://elm-spa.dev for more!
Check out the official guide at https://elm-spa.dev!
The CLI is written with TypeScript + NodeJS. Here's how you can get started contributing:
git clone git@github.com:ryan-haskell/elm-spa # clone the repo
cd elm-spa/src/cli # enter the CLI folder
npm start # run first time dev setup
npm run dev # compiles as you code
npm run build # one-time production build
npm run test # run test suite
Here's how you can make the elm-spa
command work with your local build of this
repo.
npm remove -g elm-spa # remove any existing `elm-spa` installs
npm link # make `elm-spa` refer to our local code
FAQs
single page apps made easy
The npm package elm-spa receives a total of 652 weekly downloads. As such, elm-spa popularity was classified as not popular.
We found that elm-spa demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
/Security News
A flawed sandbox in @nestjs/devtools-integration lets attackers run code on your machine via CSRF, leading to full Remote Code Execution (RCE).
Product
Customize license detection with Socket’s new license overlays: gain control, reduce noise, and handle edge cases with precision.
Product
Socket now supports Rust and Cargo, offering package search for all users and experimental SBOM generation for enterprise projects.