Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
[![npm version](https://badge.fury.io/js/ocast-sdk.svg)](http://badge.fury.io/js/ocast-sdk) [![Build Status](https://travis-ci.org/Orange-OpenSource/OCast-JS.svg?branch=master)](https://travis-ci.org/Orange-OpenSource/OCast-JS)
Prior to ES2015 (ES6) there was no module system in the standard of the ECMAScript language. What we had (and still have) instead, are different implementation patterns for “simulating” a module system: there are the simple IIFEs (Immediately Invoked Function Expression), UMD (Universal Module Definition), AMD (Asynchronous Module Definition) and CommonJS. ES6 finally introduced a standard way of defining modules
Because the JS is used in the frontend, we still need to compile the ES2015 code to ES5 as long as the evergreen browsers do not support your favorite new features natively.
All code in this repository is covered by the Apache-2.0 license. See LICENSE file for copyright details.
sudo npm i -g rollup
npm i
npm run dev
npm run build
npm test
FAQs
[![npm version](https://badge.fury.io/js/ocast-sdk.svg)](http://badge.fury.io/js/ocast-sdk) [![Build Status](https://travis-ci.org/Orange-OpenSource/OCast-JS.svg?branch=master)](https://travis-ci.org/Orange-OpenSource/OCast-JS)
The npm package ocast-sdk receives a total of 36 weekly downloads. As such, ocast-sdk popularity was classified as not popular.
We found that ocast-sdk demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.