Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
generic_store
Advanced tools
Provides an implementation of store.js in memory for testing + a wrapper around store.js for avoiding conflicts
STILL IN PROGRESS - MISSING FEATURES - API MAY CHANGE
generic_store.js wraps store.js and add :
NOTE : ONLY set() AND get() ARE IMPLEMENTED FOR NOW !
License : public domain (http://unlicense.org/)
In you web app, you use the convenient local storage instead of fat cookies. Of course, you use store.js (https://github.com/marcuswestin/store.js) to access the local storage.
Now there are two problems :
Solution :
define(
[
'generic_store/generic_store',
],
function(GenericStore) {
"use strict";
// new store, in memory, guaranteed to be empty
var store1 = GenericStore.make_new("memory");
// new store, in memory, guaranteed to be empty, different from the previous one
var store2 = GenericStore.make_new("memory");
// existing store (local storage), "existing" reminds us that it may already contain data
var store3 = GenericStore.get_existing("local");
// now use your store like store.js
store.set('username', 'marcus');
store.get('username');
store.set('user', { name: 'marcus', likes: 'javascript' });
Bower : bower install generic_store.js
Npm : npm install generic_store
in the 'spec' folder. See also readme.txt in the 'test_runner' folder.
FAQs
Provides an implementation of store.js in memory for testing + a wrapper around store.js for avoiding conflicts
The npm package generic_store receives a total of 1 weekly downloads. As such, generic_store popularity was classified as not popular.
We found that generic_store demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.