Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
A test library to mock out the Google Publisher Tag library.
You can include gpt-mock
using npm:
npm install --save-dev gpt-mock
import GPT from 'gpt-mock';
define(['gpt-mock'], function(GPT) {
});
var GPT = require('gpt-mock');
This library is used to mock out the Google Publisher Tag (GPT) library, so the most natural way to use this would be:
window.googletag = new GPT();
Note that the instance is left as "unloaded", meaning apiReady
will be false, and googletag.cmd.push
will only accumulate the functions.
To mark the tag library as having been loaded, use the following:
window.googletag._loaded();
This library is intended to be as API-compatible as possible with the production code. Any member
that starts with an underscore (_
) is not part of the API and is a mock implementation detail.
We ♥ bug reports.
Have a problem? Need help? Would you like additional functionality added? We use GitHub's ticket system for keeping track of these requests.
Please check out the existing issues, and if you don't see that your problem is already being worked on, please file a new issue. The more information the better to describe your problem.
We ♥ forks and pull requests.
Please see CONTRIBUTING.md for full details.
The project requires nodejs (>=5.6) and npm (>=3.6.0) for development. It has no runtime dependencies.
Check the code out and install the development dependencies using:
npm install
To build the code, run
npm run build
We use ESLint and JSCS to do static analysis of the JavaScript and keep things smelling good. To run both, use:
npm run lint
Using travis-ci, the Mocha unit tests are run on every commit using PhantomJS to run the tests with a real browser.
To test the code locally, you can use:
npm test
To run tests in Test-Driven-Development mode, where the test will be run after every change, use:
npm run tdd
Please add a failing bug test and create a Pull Request.
See LICENSE.
Some of the documentation incorporated into this source code is based on the Google documentation which is licensed under the Creative Commons Attribution 3.0 License. Some of the material may have been modified for use in this library. Copyright of the incorporated documentation remains Google, Inc. Google is a registered trademark of Google and/or its affiliates and this project is not intended to represent that Google endorses this library.
FAQs
Test library for mocking out Google Publisher Tags
The npm package gpt-mock receives a total of 1,917 weekly downloads. As such, gpt-mock popularity was classified as popular.
We found that gpt-mock demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.