Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
magpie-base
Advanced tools
Base components in Vue for magpie-powered experiments.
First, ensure you have Node.js v16 or v18 installed.
To install this package, run npm install -g magpie-base
.
To initialize a new experiment based on magpie (after installing the package), run magpie new experiment-name
.
For more information, please visit the project homepage
The API reference for the latest version is available at reference.magpie-experiments.org.
A guided introduction to building experiments with magpie is available at magpie-experiments.org.
$ cd your-project
$ npm update magpie-base
Read more on maintaining npm dependencies.
The master
branch represents the latest release. Development of new features and pull requests happen on the develop
branch.
If a release should be done
vX.X.X
npm publish
Before committing changes it is recommended to run the linter to make sure the changes adhere to the general coding style.
Run the js/vue linter using
npm run lint:fix
and the css linter using
npm run stylelint:fix
Ideally every feature should be covered by at least one unit test. Unit tests are run on every commit and pull requests, so we can quickly detect whenever a change breaks something.
Run the unit tests using
npm run test:unit
For implementing tests we're using the jest framework in combination with vue test utils.
In order to spin up a local web server with the docs run npm run docs
.
In order to build the docs run npm run docs:build
.
The contents and organization of the docs are declared in styleguide.config.js
. Each source folder should have a docs.md
file with a general introduction to the feature in said folder.
The online docs are automatically built from the latest commit of the master branch.
All Vue components must be exported in src/components/index.js
in order to be available in downstream projects without importing them.
FAQs
Provides base components for magpie frontend projects
The npm package magpie-base receives a total of 3 weekly downloads. As such, magpie-base popularity was classified as not popular.
We found that magpie-base demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.