Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
[!IMPORTANT] 🎉 Payload 2.0 is now available! Read more in the announcement post.
Create a cloud account, connect your GitHub, and deploy in minutes.
Before beginning to work with Payload, make sure you have all of the required software.
npx create-payload-app@latest
Alternatively, it only takes about five minutes to create an app from scratch.
Jumpstart your next project by starting with a pre-made template. These are production-ready, end-to-end solutions designed to get you to market as fast as possible.
Eliminate the need to combine Shopify and a CMS, and instead do it all with Payload + Stripe. Comes with a beautiful, fully functional front-end complete with shopping cart, checkout, orders, and much more.
Build any kind of website, blog, or portfolio from small to enterprise. Comes with a beautiful, fully functional front-end complete with posts, projects, comments, and much more.
We're constantly adding more templates to our Templates Directory. If you maintain your own template, consider adding the payload-template
topic to your GitHub repository for others to find.
Check out the Payload website to find in-depth documentation for everything that Payload offers.
Migrating from v1 to v2? Check out the 2.0 Release Notes on how to do it.
If you want to add contributions to this repository, please follow the instructions in contributing.md.
The Examples Directory is a great resource for learning how to setup Payload in a variety of different ways, but you can also find great examples in our blog and throughout our social media.
Payload is highly extensible and allows you to install or distribute plugins that add or remove functionality. There are both officially-supported and community-supported plugins available. If you maintain your own plugin, consider adding the payload-plugin
topic to your GitHub repository for others to find.
There are lots of good conversations and resources in our Github Discussions board and our Discord Server. If you're struggling with something, chances are, someone's already solved what you're up against. :point_down:
FAQs
Node, React, Headless CMS and Application Framework built on Next.js
The npm package payload receives a total of 52,470 weekly downloads. As such, payload popularity was classified as popular.
We found that payload demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.