Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Convenience wrapper for
got
to interact with the GitLab API
Copied then adapted for GitLab from gh-got
$ npm install --save gl-got
Instead of:
const got = require('got');
const token = 'foo';
got('https://gitlab.com/api/v3/users/979254', {
json: true,
headers: {
'PRIVATE-TOKEN': `${token}`
}
}).then(res => {
console.log(res.body.username);
//=> 'gl-got-tester'
});
You can do:
const glGot = require('gl-got');
glGot('users/979254', {token: 'foo'}).then(res => {
console.log(res.body.username);
//=> 'gl-got-tester'
});
Or:
const glGot = require('gl-got');
glGot('https://gitlab.com/api/v3/users/979254', {token: 'foo'}).then(res => {
console.log(res.body.username);
//=> 'gl-got-tester'
});
Same as got
(including the stream API and aliases), but with some additional options below.
Errors are improved by using the custom GitLab error messages. Doesn't apply to the stream API.
Type: string
GitLab access token.
Can be set globally with the GITLAB_TOKEN
environment variable.
Type: string
Default: https://gitlab.com/api/v3
Can be set globally with the GITLAB_ENDPOINT
environment variable.
Type: Object
Can be specified as a plain object and will be serialized as JSON with the appropriate headers set.
MIT © Sindre Sorhus © Rhys Arkins
FAQs
Convenience wrapper for `got` to interact with the GitLab API
The npm package gl-got receives a total of 793 weekly downloads. As such, gl-got popularity was classified as not popular.
We found that gl-got demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.