Research
Recent Trends in Malicious Packages Targeting Discord
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
Readme
Easy feature toggles
npm install knobs
Define a list of features, each feature supports
default
value.var features = [
{ "name": "autorecovery", "env": "FEATURE_AUTORECOVERY", "default": false },
{ "name": "dynamic_scaling", "env": "FEATURE_DYNAMIC_SCALING", "default": false },
{ "name": "holiday_promo", "default": function(user) { return user.id % 2; } }
];
var Knobs = require('Knobs').default;
var knobs = new Knobs(features);
process.env['FEATURE_DYNAMIC_SCALING'] = true;
knobs.enabled('autorecovery'); // false
knobs.enabled('dynamic_scaling'); // true
knobs.enabled('holiday_promo', { id: 5 }); // true
knobs.enabled('holiday_promo', { id: 4 }); // false
Using Knobs allows for easy A/B testing. You could schedule future releases or slowly roll out by using a computed value:
knobs.load([
{
'name': 'foo',
'default': function() {
return Math.floor(Math.random()*10) % 2;
}
},
{
'name': 'bar',
'default': function() {
return new Date() > '02-12-2016';
}
}
]);
knobs.enabled(foo); // enabled for approx half of users
knobs.enabled(bar); // enabled after a certain date
Or you can manually override things with environment variables:
script.js
knobs.load({ name: 'foo', env: 'FEATURE_FOO', default: false });
console.log('Foo Enabled -', knobs.enabled('foo'));
Running without specified flags
$ node script
Foo Enabled - false
Running with flag on
$ FEATURE_FOO=true node script
Foo Enabled - true
Create a new Knobs instance with a list of features.
Load in a list of features.
Set the value of a feature. val
can be a boolean or a function.
Alias for .set(name, true)
Alias for .set(name, false)
Returns whether a feature is enabled. Accepts optional parameters if the feature is defined by a computed value function.
Inverse of .enabled
Knobs is an event emitter and emits on certain methods.
When features are loaded, the "load" event is emitted with the list of features.
knobs.load(require('./features.json'));
knobs.on('load', (features) => { ... });
Emitted when a feature changes via .set
, .enable
or .disable
with the new feature value.
knobs.enable('launch redesign');
knobs.on('change:launch redesign', (val) => { ... });
MIT
FAQs
Feature toggles
We found that knobs demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
Security News
Socket CEO Feross Aboukhadijeh joins a16z partners to discuss how modern, sophisticated supply chain attacks require AI-driven defenses and explore the challenges and solutions in leveraging AI for threat detection early in the development life cycle.
Security News
NIST's new AI Risk Management Framework aims to enhance the security and reliability of generative AI systems and address the unique challenges of malicious AI exploits.