Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Minimalist and lightweight framework to init and build web app based on Progressive Web App process, web app like native application.
Using methods when App
is called :
Function | Arguments | Types | Description |
---|---|---|---|
navigate | screenName | string | Switch into another screen |
getResourceURL | file | string | Return your resource link |
addComponent | tag, component | string, string | Define your custom web component in the DOM |
In your component script :
import { CustomComponent } from "../app/App.js";
const STYLE = `
color: blue;
`;
class MyComponent extends CustomComponent {
constructor() {
super();
// Add events listener like this.onclick
}
render() {
return `
<span style="${STYLE}">${this.properties.value}</span>
`;
}
}
export {
MyComponent
};
In your screen JavaScript file :
import { App } from "./../../app/App.js";
import { MyComponent } from "./../../components/MyComponent.js";
App.addComponent("my-component", MyComponent);
In your screen HTML file :
<my-component value="Hello blue text"></my-component>
You can define all properties you want for your component
⚠️ Your custom component tag has to have at minimum one dash like <dark-button>
or <big-title-header>
npm install wakx
npx wakx init
npx wakx ./MyApp screen
npx wakx ./MyApp component
npx wakx ./MyApp start
-p PORT | --port PORT : Define server port number
-l | --launch : Open app on default browser
npx wakx ./MyApp build
You can also use my package locally by donwloading package-npm folder, install necessary packages with npm install
in the folder, and by using node ./wakx.js ...
You can test your web app like native app just to add it as a shortcut on your mobile home screen, from your actual browser (Safari for iOS and Chrome for Android are recommended)
FAQs
Manage WebAppKit framework
We found that wakx demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.