Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
untool
This package is an (optional) consolidated entry point to all other @untool/*
packages. It does not contain any meaningful code of its own, but you can use it to access our entire code base.
Please refer to the respective packages for further information:
@untool/core
: central base module all other packages rely upon@untool/yargs
: command line interface engine@untool/express
: development and production server implementation@untool/webpack
: webpack setup (including Babel)@untool/react
: universal React implementation$ yarn add untool # OR npm install untool
untool
installs an executable called un
in your project, allowing you to use it in your package.json
scripts or simply with yarn:
$ yarn exec un start
untool
re-exports everything that @untool/core
and @untool/react
provide, meaning you can simply use it like this in your runtime code:
import { render, importComponent } from 'untool';
untool
re-exports everything that @untool/core
, @untool/yargs
, @untool/express
, @untool/webpack
and @untool/react
provide. Use it in your Node.js code like this:
const { Mixin } = require('untool');
As untool
aggregates all other @untool
packages it includes all settings these provide.
FAQs
javascript tooling platform
The npm package untool receives a total of 79 weekly downloads. As such, untool popularity was classified as not popular.
We found that untool demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.