Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
vite-plugin-fake-server
Advanced tools
A fake server plugin for Vite. Live Demo
ts
, js
, mjs
, cjs
, cts
, mts
files.npm install --save-dev vite-plugin-fake-server
Configure plugins in the configuration file of Vite, such as vite.config.ts
:
// vite.config.ts
import { defineConfig } from "vite";
import { vitePluginFakeServer } from "vite-plugin-fake-server";
// https://vitejs.dev/config/
export default defineConfig({
plugins: [
vitePluginFakeServer(),
],
});
You can create a new file in the fake
folder in the directory where the Vite configuration file is located, such as user.fake.ts
:
// fake/user.fake.ts
import Mock from "mockjs";
import { defineFakeRoute } from "vite-plugin-fake-server/client";
import { faker } from "@faker-js/faker";
export default defineFakeRoute([
{
url: "/mock/get-user-info",
response: () => {
return Mock.mock({
id: "@guid",
username: "@first",
email: "@email",
avatar: '@image("200x200")',
role: "admin",
});
},
},
{
url: "/fake/get-user-info",
response: () => {
return {
id: faker.string.uuid(),
avatar: faker.image.avatar(),
birthday: faker.date.birthdate(),
email: faker.internet.email(),
firstName: faker.person.firstName(),
lastName: faker.person.lastName(),
sex: faker.person.sexType(),
role: "admin",
};
},
},
]);
After starting the project through Vite, you can request the custom URL above through XHR or Fetch.
For case details, please click this link to view some examples or experience it directly online - Live Demo
The defineFakeRoute function parameters require the user to enter the route type as follows:
export interface FakeRoute {
url: string;
method?: HttpMethodType;
timeout?: number;
statusCode?: number;
statusText?: string;
headers?: OutgoingHttpHeaders;
response?: (processedRequest: ProcessedRequest, req: IncomingMessage, res: ServerResponse) => any;
rawResponse?: (req: IncomingMessage, res: ServerResponse) => void;
}
export function defineFakeRoute(config: FakeRoute | FakeRoute[]) {
return config;
}
Type: string
Default: "fake"
Set the folder where the fake xxx.fake.{ts,js,mjs,cjs,cts,mts}
files is stored.
Type: string[]
Default: []
Exclude files in the include
directory.
document: https://github.com/mrmlnc/fast-glob#ignore
Type: string | boolean
Default: "fake"
Set the infix name used in the fake file name.
Type: boolean
Default: true
Set whether to listen to include
files.
Type: boolean
Default: true
Set whether to display the request log on the console.
In order to maintain logs and screen clearing strategies consistent with Vite style on the terminal, the vite-plugin-fake-server plugin will automatically read the following three parameters in the Vite configuration file or in the Vite command line.
A preview image:
Type: string[]
Default: ["ts", "js", "mjs", "cjs", "cts", "mts"]
Set the fake files extensions.
Type: number
Default: undefined
Set default response delay time.
Type: string
Default: ""
Set the root address of the request URL.
Type: OutgoingHttpHeaders
Default: {}
Set default headers for responses.
Type: boolean
Default: true
Set up the service simulator in the development environment.
Powered by Connect technology.
Type: boolean
Default: false
Set up the service simulator in the production environment.
Powered by XHook technology.
⚠️ The node module cannot be used in the fake file, otherwise the production environment will fail.As an alternative to keep consistent with the development environment, you can build a standalone deployment server, see build option.
Compared with the development environment, the API interface defined in the production environment does not have a rawResponse
function. The response function does not have the second parameter request
and the third parameter response
.
export interface FakeRoute {
url: string;
method?: HttpMethodType;
timeout?: number;
statusCode?: number;
statusText?: string;
headers?: OutgoingHttpHeaders;
response?: (processedRequest: ProcessedRequest) => any;
}
Type: boolean
Clarify that the plugin runs on the HTTP/2 protocol. By default, automatically follow Vite's server-https configuration.
The status text in HTTP/2 is always an empty string.
Type: boolean | ServerBuildOptions
Default: false
Set whether to export a independently deployable fake service(only valid in build mode).
interface ServerBuildOptions {
/**
* @description Server port
* @default 8888
*/
port?: number;
/**
* Directory relative from `root` where build output will be placed. If the
* directory exists, it will be removed before the build.
* @default "fakeServer"
*/
outDir?: string;
}
# packages/vite-plugin-fake-server
npm run build:watch
# packages/playground/react-sample
npm run dev
# packages/vite-plugin-fake-server
npm run build:watch
# packages/playground/react-sample
npm run build
npm run preview
MIT License © 2023-Present Condor Hero
FAQs
A fake server plugin for Vite.
The npm package vite-plugin-fake-server receives a total of 921 weekly downloads. As such, vite-plugin-fake-server popularity was classified as not popular.
We found that vite-plugin-fake-server demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.