Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
stencila-js
Advanced tools
stencila/js
: Stencila for JavascriptThis package contains code that is shared amongst other Stencila Javascript-based packages: node
(the package for Node.js) and web
(the package for web browsers):
pack
and unpack
functions for transferring data between Javascript and other languagesJsSession
class for executing code in Javascriptnpm install stencila-js --save
Documentation is available at https://stencila.github.io/js.
We love feedback. Create a new issue, add to existing issues or chat with members of the community.
Most development tasks can be run directly from npm
or via make
wrapper recipes.
Task | npm et al | make |
---|---|---|
Install and setup dependencies | npm install | make setup |
Check code for lint | npm run lint | make lint |
Run tests | npm test | make test |
Run tests with coverage | npm run cover | make cover |
Build documentation | npm run docs | make docs |
Serve and watch docs for updates | npm run docs-serve | make docs-serve |
Clean | make clean |
Tests live in the tests
folder and are written using the tape
test harness. And, in another breathtaking display of naming logic, documentation lives in the docs
folder. Docs are published using Github Pages, so to update them after making changes run make docs
, commit the updated docs and do a git push
.
FAQs
Stencila for Javascript
The npm package stencila-js receives a total of 0 weekly downloads. As such, stencila-js popularity was classified as not popular.
We found that stencila-js demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.