Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
generator-landmark
Advanced tools
A Yeoman generator for LandmarkJS, the model-driven cms for node.js built on Express and MongoDB.
yo landmark
will scaffold a new LandmarkJS project for you, and offer to set up blog, gallery, and enquiry (contact form) models + views.
First up, you'll need Node.js >= 0.10.x and MongoDB >= 2.4.x installed. If you don't have them, follow the Dependencies instructions below.
Then, install the Landmark generator:
$ npm install -g generator-landmark
If you see errors, check the problems section below.
With the generator installed, create an empty directory for your new LandmarkJS Project, and run yo landmark
in it:
$ mkdir myproject
$ cd myproject
$ yo landmark
The generator will ask you a few questions about which features to include, then prompt you for Cloudinary and Mandrill account details.
These accounts are optional, but Cloudinary is used to host the images for the blog and gallery templates. You can get a free account for each at:
When you've got your new project, check out the LandmarkJS Documentation to learn more about how to get started with LandmarkJS.
When running npm install -g generator-landmark
, you may get an EACCES error asking you to run the command again as root/Administrator. This indicates that there is a permissions issue.
On your development system you can change directory ownership to the current $USER so you do not have to run sudo
while installing untrusted code:
sudo chown -R $USER /usr/local
# Other directories may be required depending on your O/S
sudo chown -R $USER /usr/lib/node_modules/
For a production/shared environment you may wish to re-run the npm
command with the sudo
prefix:
sudo npm install -g generator-landmark
For more information, see the "What, no sudo?" of the Intro to npm by Isaac Schulueter.
By default, LandmarkJS will look for a MongoDB server running on localhost
on the default port, and connect to it. If you're getting errors related to the MongoDB connection, make sure your MongoDB server is running.
If you haven't installed MongoDB yet, follow the instructions below.
To connect to a server other than localhost
, add a MONGO_URI
setting to the .env
file in your Landmark project directory:
MONGO_URI=mongodb://your-server/database-name
Download and install the node.js binaries for your platform from the Node.js download page.
If you're on a mac, the easiest way to install MongoDB is to use the homebrew package manager for OS X. To install it, run this in your terminal:
ruby -e "$(curl -fsSL https://raw.github.com/Homebrew/homebrew/go/install)"
With Homebrew installed, run this in your terminal to download and install MongoDB:
brew mongo
For other platforms, see the MongoDB installation guides.
FAQs
A LandmarkJS Project Generator for Yeoman
The npm package generator-landmark receives a total of 3 weekly downloads. As such, generator-landmark popularity was classified as not popular.
We found that generator-landmark demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.