Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
f5-conx-core
Advanced tools
f5-conx-core is a project to abstract all the API functionality developed for the vscode-f5 extension to be used in other projects.
This project is based on JavaScript, but written in TypeScript and utilizes JSdoc to provide built in documentation of functionality, inputs, and outputs.
Goals/features:
standardize all F5 HTTP REST calls
standardize all external HTTP rest calls
IPv6 support (pending/in-progress)
standard file cache location
standard logging functionality
NIM Support
https://github.com/szmarczak/http-timer
The above plugin adds the following timings object to the response of axios
export interface Timings {
start: number;
socket?: number;
lookup?: number;
connect?: number;
secureConnect?: number;
upload?: number;
response?: number;
end?: number;
error?: number;
abort?: number;
phases: {
wait?: number;
dns?: number;
tcp?: number;
tls?: number;
request?: number;
firstByte?: number;
download?: number;
total?: number;
};
}
export type HttpResponse = {
data?: unknown;
headers?: unknown;
status: number;
statusText?: string;
request?: {
url: string;
method: string;
headers: unknown;
protocol: string;
timings: Timings;
data?: unknown;
};
};
Using these timings we can log and provide stats about what devices (mainly f5) are responding slower than others or a gathered base line (telemetry/analytics)
Add details about how to use the project
A collection of helpful commands have been added to the package manager (npm) scripts directive. Check out the package.json
for an up-to-date list of commands.
npm run build-package
npm run build-code-docs
npm run test
npm run lint
Note that the main
and types
package manager directive are pointed at the dist
folder (where tsc
builds the package). Please ensure any published packages builds and includes that folder.
See the source repository here.
Please don't hesitate to open an issue to ask for a feature, submit a bug, or expand documentation. This project is here to help others and hopefully prevent duplicate work
the following to be updated when the repo transitions to devcentral
## Copyright
Copyright 2014-2020 F5 Networks Inc.
### F5 Networks Contributor License Agreement
Before you start contributing to any project sponsored by F5 Networks, Inc. (F5) on GitHub, you will need to sign a Contributor License Agreement (CLA).
If you are signing as an individual, we recommend that you talk to your employer (if applicable) before signing the CLA since some employment agreements may have restrictions on your contributions to other projects. Otherwise by submitting a CLA you represent that you are legally entitled to grant the licenses recited therein.
If your employer has rights to intellectual property that you create, such as your contributions, you represent that you have received permission to make contributions on behalf of that employer, that your employer has waived such rights for your contributions, or that your employer has executed a separate CLA with F5.
If you are signing on behalf of a company, you represent that you are legally entitled to grant the license recited therein. You represent further that each employee of the entity that submits contributions is authorized to submit such contributions on behalf of the entity pursuant to the CLA.
[0.12.2] - (01-19-2022)
FAQs
F5 SDK for JavaScript with Typescript type definitions
The npm package f5-conx-core receives a total of 3 weekly downloads. As such, f5-conx-core popularity was classified as not popular.
We found that f5-conx-core demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.