
Research
PyPI Package Disguised as Instagram Growth Tool Harvests User Credentials
A deceptive PyPI package posing as an Instagram growth tool collects user credentials and sends them to third-party bot services.
A Node.js module to download and "install" the latest open source Apache/Adobe Flex SDK.
An NPM wrapper for the Apache Flex SDK / Adobe Flex SDK.
npm install flex-sdk
Or grab the source and
npm install .
What this is really doing is just grabbing a particular "blessed" (by this module) version of the Flex SDK. As new versions of the Apache/Adobe Flex SDK are released and vetted, this module will be updated accordingly.
The package has been set up to fetch the Flex SDK and run mxmlc
for MacOS (darwin),
Linux based platforms (as identified by Node.js), and Windows. If you
spot any platform weirdnesses, let me know or send a patch.
If you intend to use this module after it is installed, almost all of the Flex
SDK binary/executable files have an implicit dependency on Java being installed
on the system and that it is available in the PATH
such that it can be
invoked just by typing the command java
.
bin/mxmlc [mxmlc arguments]
Check out the full list of mxmlc
command line options
for more information.
And npm will install a link to the binary in node_modules/.bin
as
it is wont to do.
The package exports an object contains:
binDir
string which is the path to the "bin" directory of the Flex SDKbin
object which contains an entry for each executable included in the
"bin" directory of the Flex SDK (e.g. flexSdk.bin.mxmlc
will provide the
path to the mxmlc
executable).refresh
function if you ever need to refresh the bin
object (e.g. if
you have an existing flex-sdk
module reference object but then downloaded a
new Flex SDK).Below is an example of using this package via node.
var childProcess = require('child_process');
var flexSdk = require('flex-sdk');
var binPath = flexSdk.bin.mxmlc;
var childArgs = [
'arguments to pass to mxmlc',
path.join(__dirname, 'fileToCompile.as')
];
childProcess.execFile(binPath, childArgs, function(err, stdout, stderr) {
// handle results
});
The NPM package version tracks the version of the Flex SDK that will be installed, with an additional build number that is used for revisions to the installer when necessary.
As such, 4.6.0-0
, 4.6.0-1
, and 4.6.0-2
will all install Flex SDK v4.6.0 but each
has newer changes to the installer than the previous.
For the full list of available versions, see FlexSDKs.md.
This is an NPM wrapper and can be used to make the various binary executables
from the Apache/Adobe Flex SDKs (e.g. mxmlc
) conveniently available.
It is not a Node.js wrapper.
In lieu of a formal styleguide, take care to maintain the existing coding style. Add unit tests for any new or changed functionality. Lint and test your code using Grunt.
npm install flex-sdk@~4.6.0
npm install flex-sdk@~4.5.1
npm install flex-sdk@~4.5.0
npm install flex-sdk@~4.1.0
npm install flex-sdk@~4.0.0
npm install flex-sdk@~3.6.0
npm install flex-sdk@~3.5.0
npm install flex-sdk@~3.4.1
npm install flex-sdk@~3.4.0
npm install flex-sdk@~3.3.0
npm install flex-sdk@~3.2.0
npm install flex-sdk@~3.1.0
npm install flex-sdk@~3.0.1
npm install flex-sdk@~3.0.0
Copyright (c) 2014 James M. Greene
Licensed under the MIT license.
FAQs
A Node.js module to download and "install" the latest open source Apache/Adobe Flex SDK.
The npm package flex-sdk receives a total of 359 weekly downloads. As such, flex-sdk popularity was classified as not popular.
We found that flex-sdk demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
A deceptive PyPI package posing as an Instagram growth tool collects user credentials and sends them to third-party bot services.
Product
Socket now supports pylock.toml, enabling secure, reproducible Python builds with advanced scanning and full alignment with PEP 751's new standard.
Security News
Research
Socket uncovered two npm packages that register hidden HTTP endpoints to delete all files on command.