Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
java-code-runner
Advanced tools
This is a module for runinng Java from String inside a node server
to run tests
npm install
npm test
The java server can run independently
I use Java 1.8
to run the server
Compile JavaRunner
javac JavaRunner.java
Compile Server
javac -cp .:servlet-api-2.5.jar:jetty-all-7.0.2.v20100331.jar RunnerServlet.java
Run server
java -cp .:servlet-api-2.5.jar:jetty-all-7.0.2.v20100331.jar RunnerServlet
The default port is 8080
The server will return a statusCode 200 for GET request to '/'
.
The server will return a JSON object {stout:String, sterr:String}
for POST request to '/'
.
The POST body should be {name:[nameOfClass], code:[ClassContent]}
example in nodejs, you can build a similar request using postman
var post_data = querystring.stringify({
'name': 'Main',
'code': 'public class Main {public static void main (String [] args) { System.out.println("Hello World");}}'
});
// An object of options to indicate where to post to
http.request({
host: '127.0.0.1',
port: 8080,
path: '',
method: 'POST',
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
'Content-Length': post_data.length // don't need to fill this in postman
}
}, function (res) {...});
post_req.write(post_data);
post_req.end();
java dependencies are in the .java-dependency file
This code is designed for UNIX system it may be incompatible with Windows, eg. I use the ':' to speerate classpath
###Things left to do
Handle the case of infinit loops Look inot runing the java server as a docker container
FAQs
This is a module for runinng Java from String inside a node server
The npm package java-code-runner receives a total of 1 weekly downloads. As such, java-code-runner popularity was classified as not popular.
We found that java-code-runner demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.