Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
node-mirror
Advanced tools
A development IDE build around CodeMirror.net.
If you dont know CodeMirror.net, please check it out. Its a great Project.
This projects aim is to follow the CodeMirror philosophy of pluginability and simplistic approach to give you a full (Web)Developer IDE.
So all you need is:
and you have answered the Question about which Editor to choose.
You will be able to edit your code from anywhere you want. if you dont like the colors you just change em. if support for a mimetype is missing you can just add it.
You will never again have to be frustrated about a missing feature within your IDE because you can just add it. At least if you know JavaScript.
For every Content Type where a CodeMirror Mode exists, a CodeMirror instance will be opened. Also every content Type starting with text/* will be opened using CodeMirror.
For all other files there is a download button.
ATTENTION! there is no security build in right now. this is a eary release and i had no focus on security.
make sure the port you are running node-mirror on is not open for public access. if anyone can access the port you are running node-mirror on, he will have full access to your file system.
npm install node-mirror node node_modules/node-mirror/bin/nodeMirror.js --port 3000 --dir /home/sol/projects
http://127.0.0.1:3000/
this is still beta. but i am using this for development so you can expect more.
the npm distribution is a release build
check out my git page to get the development version which you can use to customize node-mirror
BSD - maybe i will relicense it under MIT when i have found out what the differences are
FAQs
node.js + CodeMirror = Great IDE and Admin Tool
We found that node-mirror demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.