Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
env-overlay
Advanced tools
Easily see what environment you are viewing your application in via a small overlay
Easily see what environment you are viewing your application in via a small overlay.
Lightweight (3.3K - 1.3K gzipped), easy to use and easy to customize.
Examples of defaults
Calculated result for "other"
$ npm install env-overlay --save
import { envOverlay } from 'env-overlay'
// Here assuming the environment variable NODE_ENV is set for sure
// And that it is accessible via process.env
envOverlay(process.env.NODE_ENV)
(environment: string, options?: IEnvOverlayOptions) => void
Click here to view IEnvOverlayOptions
Name(s) of environments to exclude usage of env-overlay. The module will bailout early if the the environment name given matches the string, or one of the strings, given.
Default: "production"
A map of background colors for given environment names. There are default colors for the environments "local", "development", "staging" and "demo".
Should an environment not have a matching background color key/value provided in options, then a color will be assigned based on the environment name.
All credit goes to Edd Turtle for this feature
A map of text colors for given environment names. There are default colors for the environments "local", "development", "staging" and "demo".
Has the wrapper DOM node of the overlay as its argument for your DOM manipulatory pleasure.
The typescript interface for the options (IEnvOverlayOptions) looks like this
export interface IEnvOverlayOptions {
corner?: 'left' | 'right'
disallow?: string | string[]
background?: { [key: string]: string }
text?: { [key: string]: string }
onLoaded?: (node: HTMLDivElement) => void
}
FAQs
Easily see what environment you are viewing your application in via a small overlay
The npm package env-overlay receives a total of 8 weekly downloads. As such, env-overlay popularity was classified as not popular.
We found that env-overlay demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.