Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
remix server: allow accessing file system from remix.ethereum.org and start a dev environment (see help section)
remixd
is a tool that intend to be used with Remix IDE (aka. Browser-Solidity). It allows a websocket connection between
Remix IDE
(web application) and the local computer.
Practically Remix IDE make available a folder shared by remixd
.
More details are explained in this tutorial.
Alternatively remixd
can be used to setup a development environment that can be used with other popular frameworks like Embark, Truffle, Ganache, etc..
remixd
needs npm
and node
npm install -g remixd
Usage: remixd -s <shared folder> --remix-ide https://remix.ethereum.org
Provide a two-way connection between the local computer and Remix IDE.
Options:
--remix-ide <url> URL of remix instance allowed to connect to this
web sockect connection
-s, --shared-folder <path> Folder to share with Remix IDE
--read-only Treat shared folder as read-only (experimental)
--vyper Run a local vyper compiler
-m, --mist start mist
-g, --geth start geth
-p, --dev-path <dev-path> Folder used by mist/geth to start the development instance
-f, --frontend <front-end> Folder that should be served by remixd
-p, --frontend-port <front-end-port> Http port used by the frontend (default 8082)
-a, --auto-mine mine pending transactions
-r, --rpc <cors-domains> start rpc server. Values are CORS domain
-rp, --rpc-port rpc server port (default 8545)
-h, --help output usage information
remixd -s <absolute-path> --remix-ide https://remix.ethereum.org
The current user should have read/write
access to the folder (at least read
access).
It is important to notice that changes made to the current file in Remix IDE
are automatically saved to the local computer every 5000 ms. There is no Save
action. But the Ctrl-Z
(undo) can be used.
Furthermore :
Remix IDE
(that might change).Remix allows to start a dev environment. Geth
is used to spawn a dev blockchain and Mist
to provide an user interface to interact with dapps in development and Remix IDE (It is also possible to use Metamask
and a normal browser)
Mist
and Geth
are not shipped with Remixd.
Download Mist
at https://github.com/ethereum/mist/releases
Download Geth
at https://ethereum.github.io/go-ethereum/downloads
Usage:
remixd --dev-path /home/devchains/chain1 --mist --geth --frontend /home/frontend --frontend-port 8084 --auto-mine
geth
.mist
.dev-path
option) if it doesn't exist containing blockchain data and keys.frontend
and frontend-port
option).
This option may be used if you want to browse your dapp using Mist
or a normal browser and Metamask
(see third example) (https://metamask.io). In this example the web application located at /home/frontend
will be available at http://127.0.0.1:8084remixd -s /home/user/project1/contracts --remix-ide https://remix.ethereum.org
remixd --dev-path /home/devchains/chain1 --rpc --rpc-port 8545 --geth --frontend /home/frontend --frontend-port 8084 --auto-mine
Mist
.
It is still possible to browse a front end app using a normal browser and Metamask
. The connection between Metamask and geth
has to be done via rpc connection and thus the rpc server has to be enabled (rpc
and rpc-port
options). Note that in that case Remix IDE (remix.ethereum.org) does not need Metamask. It is possible to use the Web3 Provider
option of Remix to connect to the Geth
RPC endpoints.
FAQs
remix server: allow accessing file system from remix.ethereum.org and start a dev environment (see help section)
The npm package remixd receives a total of 32 weekly downloads. As such, remixd popularity was classified as not popular.
We found that remixd demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 6 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.