Research
Recent Trends in Malicious Packages Targeting Discord
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
seller-listing-service
Advanced tools
Readme
yarn add seller-listing-service
Example:
import { Service } from 'seller-base';
import { CategoryService } from 'seller-listing-service';
Service.$instance.createServiceModule<CategoryService>(CategoryService, 'module-name');
更多示例请参考 src/development/index.ts
安装babel-plugin-import
,在babel的plugin中加入这段配置
[require('seller-listing-service/dist/babel-config-for-main-project')]
Seller Center 由于是多模块模式,因此需要使用的模块需要修改构建配置
{
externals: [Object.assign(config.getExternalsConfig(), {
'seller-base': config.getExternalsConfig(['@/framework'])['@/framework']
})],
babelPlugin: config.mode === 'production' ? [require('seller-listing-service/dist/babel-config-for-main-project')] : []
}
local.config.js
加入个人定制的开发环境代码src/modules/my-service/index.ts
和 src/modules/my-service/lib/service.ts
至少两个文件,src/modules/my-service/index.ts
不能有默认导出。index.ts
,不能从其他模块的其他文件引入。src/modules/index.ts
代码不能重命名导入。从0.0.xx
升级到从0.1.xx
版本,主要的变更如下:
OriginListProduct
、ListProduct
对象字段,具体可以参考新版本的字段定义(0.0.xx版本的部分字段已去掉)。OriginProductItemModel
、ProductItemModel
类型定义,使用OriginListProductItemModel
、ListProductItemModel
替代。getProductById
接口将返回OriginProductDetail
对象(0.0.xx版本是OriginProduct
),computedProduct
接口将返回ProductDetail
对象(0.0.xx版本是Product
),返回的对象字段有变更,具体可以参考新版本的字段定义(0.0.xx版本的部分字段已去掉)。updateProducts
接口参数变更为Array<Partial<ProductDetail>>
(0.0.xx版本是Array<ProductUpdateData>
)。ProductHelpers
类型定义,使用ProductHelpers
的接口参数均有变更,seller-listing-service不再支持外部传入user、shop字段。ListingConfig
、ProductConstraints
接口及类型定义。FAQs
security holding package
We found that seller-listing-service demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
Security News
Socket CEO Feross Aboukhadijeh joins a16z partners to discuss how modern, sophisticated supply chain attacks require AI-driven defenses and explore the challenges and solutions in leveraging AI for threat detection early in the development life cycle.
Security News
NIST's new AI Risk Management Framework aims to enhance the security and reliability of generative AI systems and address the unique challenges of malicious AI exploits.