Security News
PyPI Introduces Digital Attestations to Strengthen Python Package Security
PyPI now supports digital attestations, enhancing security and trust by allowing package maintainers to verify the authenticity of Python packages.
This repository is part of the Joyent Manta project. For contribution guidelines, issues, and general documentation, visit the main Manta project page.
This repo serves to hold any/all common code that is shared between Manta components. Currently a mahi client, the indexing ring client, and some common utils exist.
You'll need an existing Manta deployment to run the test suite. You should
set the ELECTRIC_MORAY
environment variable to the hostname or IP address of
an electric-moray instance in your deployment and the MAHI_HOST
environment
variable to the hostname or IP address of an authcache instance in your
deployment. As an example, in a deployment called emy-10
with DNS configured
in your development zone, you might set these to:
$ export ELECTRIC_MORAY=electric-moray.emy-10.joyent.us
$ export MAHI_HOST=authcache.emy-10.joyent.us
$ make prepush
Manta components that use libmanta should use versions published to npm. To release a new libmanta:
Make a commit to set the intended version in "package.json#version".
Get that commit approved and merged via https://cr.joyent.us, as with all commits to this repo. See the discussion of contribution at the top of this readme.
Once that is merged and you've updated your local copy, run:
make cutarelease
This will ensure a clean working copy, git tag, and npm publish.
FAQs
common functions et al for manta services
The npm package libmanta receives a total of 0 weekly downloads. As such, libmanta popularity was classified as not popular.
We found that libmanta demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 10 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
PyPI now supports digital attestations, enhancing security and trust by allowing package maintainers to verify the authenticity of Python packages.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.