Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
hemera-plugin
Advanced tools
hemera-plugin
is a plugin helper for Hemera.
hemera-plugin
can do some things for you:
const hp = require('hemera-plugin')
module.exports = hp(function(hemera, opts, next) {
next()
})
If you need to set a bare-minimum version of Hemera for your plugin, just add the semver range that you need:
const hp = require('hemera-plugin')
module.exports = hp(function(hemera, opts, next) {
next()
}, '0.x')
You can check here how to define a semver
range.
const hp = require('hemera-plugin')
module.exports = hp(async function(hemera, opts) {
// your plugin code
}, '0.x')
You can also pass some metadata that will be handled by Hemera, such as the dependencies, default options and the name of your plugin.
const hp = require('hemera-plugin')
function plugin(hemera, opts, next) {
// your plugin code
next()
}
module.exports = hp(plugin, {
hemera: '0.x', // bare-minimum version of Hemera
name: 'my-plugin', // name of your plugin, will be used e.g for logging purposes
scoped: false, // when false no hemera plugin is created. This is useful if you want to extend the core but don't need a seperate plugin scope.
options: { host: 'localhost', port: 8003 }, // default options for your plugin
// Plugin dependencies
decorators: ['joi'],
dependencies: ['plugin2']
})
FAQs
This is a plugin helper for hemera
We found that hemera-plugin demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.