Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
pa11y-reporter-1.0-json
Advanced tools
A reporter for Pa11y 2.0+ which outputs 1.0-style JSON.
pa11y --reporter 1.0-json nature.com
:skull: Please note: this reporter is now deprecated and will no longer be supported by the Pa11y team. :skull:
Refer to the Pa11y Migration Guide to update any applications that still expect Pa11y 1.0 JSON format. Alternatively, you're welcome to published your own reporter using modern Pa11y's reporters interface.
Install Pa11y and Pa11y JSON 1.0 Reporter with npm:
npm install -g pa11y
npm install -g pa11y-reporter-1.0-json
Use the reporter with the --reporter
flag:
pa11y --reporter 1.0-json nature.com
You'll get the 1.0-style JSON:
{
"isPerfect": Boolean,
"count": {
"total": Number,
"error": Number,
"warning": Number,
"notice": Number
},
"results": Array
}
To contribute to Pa11y JSON 1.0 Reporter, clone this repo locally and commit your code on a separate branch.
Please check that everything works by running the following before opening a pull-request:
make ci
Pa11y JSON 1.0 Reporter is licensed under the Lesser General Public License (LGPL-3.0).
Copyright © 2015–2017, Team Pa11y
FAQs
A Pa11y 2.0+ reporter which outputs the 1.0 JSON format
We found that pa11y-reporter-1.0-json demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 6 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.