
Research
/Security News
11 Malicious NuGet Tools Pose as Game Cheats to Drop a Windows Host-Surveillance Payload
11 malicious NuGet tools pose as game cheats to deploy Windows payloads, track hosts, and use Google Sheets for telemetry and control.
lighting-plugin-check
Advanced tools
> lighting-plugin-check 会检查 light 工程的源代码目录下是否有非 ascii 字符的文件名以及是否有仅大小写不同的文件名并提示;开发者也可以在工程根目录下的次配置文件 check-rules.js 中增加自定义规则,插件会根据配置文件进行语法检查并生成代码检查报告,存储于根目录下的 report.csv 文件中。
lighting-plugin-check 会检查 light 工程的源代码目录下是否有非 ascii 字符的文件名以及是否有仅大小写不同的文件名并提示;开发者也可以在工程根目录下的次配置文件 check-rules.js 中增加自定义规则,插件会根据配置文件进行语法检查并生成代码检查报告,存储于根目录下的 report.csv 文件中。
注:安装 check 插件之前,请确保您已经安装 lighting 脚手架工具。
light plugin -a check //安装
light plugin -u check //更新
light plugin -r check //卸载
在工程根目录下的 project.json 中的 plugins 字段中注册 check 插件:
{
"project":"lightdemo",
"version":"0.0.1",
"desc":"lightdemo",
"type":"vue",
"plugins":["check"]
}
在工程根目录下的 check-rules.js 中配置检查规则:
module.exports = [
{
link:'https://www.baidu.com',//对应的需求地址
regex:/native\.\w{1,}/ig,//检查规则
script:'',//使用脚本的检查规则
}
]
了解更多 lighting-plugin-check 插件的信息,请点击这里。
1.检查文件命名是否规范。
FAQs
> lighting-plugin-check 会检查 light 工程的源代码目录下是否有非 ascii 字符的文件名以及是否有仅大小写不同的文件名并提示;开发者也可以在工程根目录下的次配置文件 check-rules.js 中增加自定义规则,插件会根据配置文件进行语法检查并生成代码检查报告,存储于根目录下的 report.csv 文件中。
The npm package lighting-plugin-check receives a total of 3 weekly downloads. As such, lighting-plugin-check popularity was classified as not popular.
We found that lighting-plugin-check demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Research
/Security News
11 malicious NuGet tools pose as game cheats to deploy Windows payloads, track hosts, and use Google Sheets for telemetry and control.

Research
/Security News
4 compromised asyncapi packages deliver miasma botnet loader on macOS, Linux and Windows.

Research
/Security News
A compromised jscrambler npm release added a malicious preinstall hook that runs hidden native binaries on Linux, macOS, and Windows.