Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
vapid-cli
Advanced tools
Readme
Vapid is an intentionally simple content management system built on the idea that you can create a custom dashboard without ever leaving the HTML.
Vapid requires node v8.9.0 or higher, and can be installed via npm
npm install -g vapid-cli
Note: A desktop GUI application is coming soon—please add yourself to the mailing list if you'd like to be notified when that is available.
To create a new website project, use the Vapid command line tool:
vapid new path/to/project/folder
Then change to the project directory, and start the development server. By default, the server will livereload, and refresh your website as you change the source files.
cd path/to/project/folder
vapid start .
A few files and folders you should be aware of:
File/Folder | Description |
---|---|
www | Your website files. Anything you put in here is an accessible resource, with the exceptions of files that start with underscores or periods—those are private/special. Sass and JS files that have the .pack.js , .pack.scss , or .pack.sass extensions will be compiled by Webpack. |
data | SQLite database file, and uploaded images. In general, you do not want to mess with this folder. |
node_modules | This one should also be ignored. |
package.json | Information about your project, including Vapid configuration options. |
.env | A private file that contains server environment variables, like the SECRET_KEY used by the web server. |
Vapid can be deployed to any hosting service that supports Node.js. Here are a few to consider:
Service | Notes |
---|---|
Vapid | Zero-config service that can be accessed via the vapid deploy command. Note: it is currently in private beta. |
Heroku | Free or paid tiers. One thing to note is that Heroku's file system is ephemeral, so Vapid's type=image directives won't work here. |
Glitch | The easiest way to take Vapid for a test-drive. |
If you'd like to get involved, and help improve Vapid:
FAQs
A template-driven content management system
The npm package vapid-cli receives a total of 21 weekly downloads. As such, vapid-cli popularity was classified as not popular.
We found that vapid-cli demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.