Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
libkernel
Advanced tools
libkernel is a node module for web developers what would like to use Skynet in their applications. It creates a direct connection to the Skynet kernel and then provides helper methods for interacting with the kernel.
A quirk of libkernel is that errors are of the type string | null
rather than
being type Error
. This is because libkernel is frequently used in webworkers
and other settings where errors need to be sent over postmessage, and the
Error
type is not suitable for postmessage.
libkernel is still being reviewed, but is expected to be stable. There may be a small number of breaking changes in the near future, and after that we will be providing strong compatibility promises around the libkernel API.
libkernel needs to expose a method to directly send messages to the kernel, without adding any formatting or wrapping. This is necessary in particular for the test suite so that the test suite can attempt to send malformed messages and ensure that the kernel is performing all of the safety checks on bad messages and continues to function after receiving malformed messages.
FAQs
helper library to interact with skynet and the skynet kernel
The npm package libkernel receives a total of 10 weekly downloads. As such, libkernel popularity was classified as not popular.
We found that libkernel demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.