Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
generator-mc
Advanced tools
This is a yeoman generator for making express & js applications. It's the little sister of a fully universal / isomorphic generator which you can find here: https://github.com/dazld/generator-cairn - if you're looking for server rendered react, redux etc, that would be a better place to look.
There is a full suite of watching, livereloading, compilation and related gulp tasks. The express server renders html as you would expect, and they can be found in the server/views
folder.
It is a work in progress, and pull requests are welcome as long as they remain in the spirit of the generator.
Install Yeoman - npm install -g yo
.
Install generator globally: npm install -g generator-mc
Check everything is working: yo --help
- should see a list of generators, and mc
in there too.
Make a new directory, cd into it.
yo mc
- give the project a name (it uses the directory name as default).
Yeoman will perform git init
and npm install
for you - this takes a while, so be prepared for a short wait.
gulp
- default task runs dev server, watches and builds.
USE_HTTPS=true gulp
for running a https localhost server
Sockets on iOS with a self signed cert - https://blog.httpwatch.com/2013/12/12/five-tips-for-using-self-signed-ssl-certificates-with-ios/
npm install -g generator-mc
FAQs
Express & ES6 single page app generator
We found that generator-mc demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.