Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
hoodie-pocket-uikit
Advanced tools
NOTE: the functionality described here is for version 2.0.0 or higher (should be included with any hoodie-server with a version above 0.9.26).
Pocket UIKit is a collection of CSS styles and JS libraries for easier and faster building of Pocket components for Hoodie Plugins. It includes neat form styles, better select drop-downs with autocomplete, drag-n-drop file upload fields, better checkboxes etc. We encourage the use of this kit when building your own plugins so
It includes a static test page of all available elements that you can copy and paste for use in your Pocket components, this is at http://yourhoodieendpoint/_api/_plugins/_assets/index.html
.
Put this in the <head>
:<link rel="stylesheet" href="/_api/_plugins/_assets/styles/pocket-uikit.css">
And this before the closing </body>
tag: <script src="/_api/_plugins/_assets/scripts/pocket-uikit.js"></script>
You'll get basic styles and behaviour for a bunch of UI elements, including nicer checkboxes/radio buttons and better select dropdowns.
You can also have drag n' drop file uploads, please consultthe aforementioned index.html
as well as /_api/_plugins/_assets/scripts/main.js
for an example of the frontend aspect of this.
In the future, these will be part of a my-first-plugin
-repo you can use as a base for your own plugins. Also, there will be a docs page with copy-and-pastable examples and clearer usage explanations.
To explore the UIKit further, browse through http://yourhoodieendpoint/_api/_plugins/_assets/
(final slash matters, sorry). This base path will show you an index of all available files.
FAQs
A UI kit for building the Pocket components of Hoodie plugins.
We found that hoodie-pocket-uikit demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.