Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
reaction-api
Advanced tools
Reaction is a modern reactive, real-time event driven ecommerce platform.
Reaction is a headless commerce platform built using Node.js, React, and GraphQL. It plays nicely with npm, Docker and Kubernetes.
Follow the documentation to install Reaction with Reaction Platform for all supported operating systems.
bin/setup # do this after initial clone and after every pull or checkout
docker-compose up -d # starts a MongoDB container and a Reaction API container
docker-compose logs -f api # view Reaction API container logs
To stop the API and the MongoDB server, enter docker-compose down
.
nvm use
# nvm install if prompted
npm i -g npm
npm install
bin/setup # do this after initial clone and after every pull or checkout
npm run start:dev
CTRL+C
to stop.
bin/setup
docker-compose run --rm api npm run test:integration # Test all mutations and queries
docker-compose run --rm api npm run test:integration:query # OR test queries only
docker-compose run --rm api npm run test:integration:mutation # OR test mutations only
docker-compose run --rm api npm run test:integration:file:watch -- <filename> # OR test one file
CTRL+C
to interrupt the test run.
docker-compose up -d mongo
npm install
npm run test:integration # Test all mutations and queries
npm run test:integration:query # OR test queries only
npm run test:integration:mutation # OR test mutations only
npm run test:integration:file:watch -- <filename> # OR test one file
CTRL+C
to interrupt the test run.
Build:
docker build . -t test-api
Run:
dc up -d mongo
docker run --env-file ./.env -p 3000:3000 --network reaction.localhost -it test-api:latest
Use an external GraphQL client to test http://localhost:3000/graphql. GraphQL Playground isn't served on GET requests because it's in production mode.
:star: If you like what you see, star us on GitHub.
Find a bug, a typo, or something that’s not documented well? We’d love for you to open an issue telling us what we can improve!
Want to request a feature? Use our Reaction Feature Requests repository to file a request.
We love your pull requests! Check our our Good First Issue
and Help Wanted
tags for good issues to tackle.
Pull requests should pass all automated tests, style, and security checks.
Your code should pass all acceptance tests and unit tests. Run docker-compose run --rm reaction npm run test
to run the test suites in containers. If you're adding functionality to Reaction, you should add tests for the added functionality.
We require that all code contributed to Reaction follows Reaction's ESLint rules. You can run docker-compose run --rm reaction npm run lint
to run ESLint against your code locally.
Please follow the Reaction Code Style Guide. Check out our guides to JSDoc, Git, error handling, logging, and React.
We also request that you follow the our pull request template
Get more details in our Contributing Guide.
We use the Developer Certificate of Origin (DCO) in lieu of a Contributor License Agreement for all contributions to Reaction Commerce open source projects. We request that contributors agree to the terms of the DCO and indicate that agreement by signing-off all commits made to Reaction Commerce projects by adding a line with your name and email address to every Git commit message contributed:
Signed-off-by: Jane Doe <jane.doe@example.com>
You can sign-off your commit automatically with Git by using git commit -s
if you have your user.name
and user.email
set as part of your Git configuration.
We ask that you use your real full name (please no anonymous contributions or pseudonyms) and a real email address. By signing-off your commit you are certifying that you have the right to submit it under the GNU GPLv3 License.
We use the Probot DCO GitHub app to check for DCO sign-offs of every commit.
If you forget to sign-off your commits, the DCO bot will remind you and give you detailed instructions for how to amend your commits to add a signature.
Reaction is GNU GPLv3 Licensed
FAQs
Reaction is a modern reactive, real-time event driven ecommerce platform.
The npm package reaction-api receives a total of 0 weekly downloads. As such, reaction-api popularity was classified as not popular.
We found that reaction-api demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.