Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
random_publication_test
Advanced tools
random_publication_test is a Dash component library.
Get started with:
python usage.py
See CONTRIBUTING.md
If you have selected install_dependencies during the prompt, you can skip this part.
Install npm packages
$ npm install
Create a virtual env and activate.
$ virtualenv venv
$ . venv/bin/activate
Note: venv\Scripts\activate for windows
Install python packages required to build components.
$ pip install -r requirements.txt
Install the python packages for testing (optional)
$ pip install -r tests/requirements.txt
src/lib/components/RandomPublicationTest.react.js
.src/demo
and you will import your example component code into your demo app.$ npm run build
usage.py
sample dash app:
$ python usage.py
tests/test_usage.py
, it will load usage.py
and you can then automate interactions with selenium.$ pytest tests
.random_publication_test
).
MANIFEST.in
so that they get properly included when you're ready to publish your component._css_dist
dict in random_publication_test/__init__.py
so dash will serve them automatically when the component suite is requested.Build your code:
$ npm run build
Create a Python tarball
$ python setup.py sdist
This distribution tarball will get generated in the dist/
folder
Test your tarball by copying it into a new environment and installing it locally:
$ pip install random_publication_test-0.0.1.tar.gz
If it works, then you can publish the component to NPM and PyPI:
$ twine upload dist/*
$ rm -rf dist
publish_on_npm
)
$ npm publish
Publishing your component to NPM will make the JavaScript bundles available on the unpkg CDN. By default, Dash serves the component library's CSS and JS locally, but if you choose to publish the package to NPM you can set serve_locally
to False
and you may see faster load times.Share your component with the community! https://community.plot.ly/c/dash
FAQs
Project Description
The npm package random_publication_test receives a total of 0 weekly downloads. As such, random_publication_test popularity was classified as not popular.
We found that random_publication_test demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.