
Security News
MCP Community Begins Work on Official MCP Metaregistry
The MCP community is launching an official registry to standardize AI tool discovery and let agents dynamically find and install MCP servers.
This is the Montage package template.
Note: Before working on your package you will need to add montage to it.
npm install .
The template contains the following files and directories:
ui/
– Directory containing all the UI .reel directories.package.json
– Describes your app and its dependenciesREADME.md
– This readme. Replace the current content with a description of your appoverview.html
overview/
– Directory that contains the files for the overview page. This is a different package so you will need to require the component using {{name}}/*.
main.reel
– The main interface component where you can add the components to show.node_modules/
– Directory containing all npm packages needed, including Montage. Any packages here must be included as dependencies
in package.json
for the Montage require to find them.test/
– Directory containing tests for your package.
all.js
– Module that point the test runner to all your jasmine specs.run-tests.html
– Page to run jasmine tests manually in your browsertestacular.conf.js
– This is the testacular configuration file. You can start testacular by running npm install testacular@0.5.7 && node_modules/testacular/bin/testacular start
Create the following directories if you need them:
locale/
– Directory containing localized content.scripts/
– Directory containing other JS libraries. If a library doesn’t support the CommonJS "exports" object it will need to be loaded through a <script>
tag.FAQs
Native MontageJS components.
We found that native demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
The MCP community is launching an official registry to standardize AI tool discovery and let agents dynamically find and install MCP servers.
Research
Security News
Socket uncovers an npm Trojan stealing crypto wallets and BullX credentials via obfuscated code and Telegram exfiltration.
Research
Security News
Malicious npm packages posing as developer tools target macOS Cursor IDE users, stealing credentials and modifying files to gain persistent backdoor access.