Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
gatsby-source-medusa
Advanced tools
Gatsby source plugin for building websites using Medusa Commerce as a data source
Medusa is an open-source headless commerce engine that enables developers to create amazing digital commerce experiences. This is a Gatsby source plugin for building websites using Medusa as a data source.
This plugin is still under development. Please report any issues or suggestions on the GitHub issues page.
This takes you through the minimal steps to see your Medusa data in your Gatsby site's GraphiQL explorer.
Install the source plugin to your Gatsby project using your favorite package manager.
npm install gatsby-source-medusa
yarn add gatsby-source-medusa
Add the plugin to your gatsby-config.js
:
require("dotenv").config()
module.exports = {
plugins: [
{
resolve: "gatsby-source-medusa",
options: {
storeUrl: process.env.MEDUSA_URL,
authToken: process.env.MEDUSA_AUTH_TOKEN //This is optional
},
},
...,
],
}
The plugin accepts two options storeUrl
and authToken
. The storeUrl
option is required and should point to the server where your Medusa instance is hosted (this could be localhost:9000
in development). The authToken
option is optional, and if you add it the plugin will also source orders from your store.
You should now be able to view your stores MedusaProducts
, MedusaRegions
, MedusaCollections
, and MedusaOrders
(if enabled) in your Gatsby site's GraphiQL explorer.
FAQs
Gatsby source plugin for building websites using Medusa Commerce as a data source
The npm package gatsby-source-medusa receives a total of 24 weekly downloads. As such, gatsby-source-medusa popularity was classified as not popular.
We found that gatsby-source-medusa demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.