Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
wappsto-cli
Advanced tools
Command Line Interface for Wappsto, so that it is possible to create Wapps locally.
Wappsto-cli requires node version 16.4.0
or higher to work properly.
First create a new folder for you wapp and enter it.
mkdir my-new-wapp
cd my-new-wapp
You can now install the package with npm
.
npm install wappsto-cli --save-dev
Or using yarn
.
yarn add wappsto-cli -D
When use yarn
remember to create a package.json
file in your folder before installing.
echo '{}' > package.json
To create a Wapp run the create-wapp
using npx
:
npx create-wapp
It will ask for your 'username' and 'password' to Wappsto, unless you are already logged in. Here you get the option to download any exsisting Wapps or create a new Wapp.
This will generate a file called manifest.json where you can modify the description of your wapp.
To start a local web server and local background runner, that will serve the Wapp run the serve-wapp
using npx
:
npx serve-wapp
This will run a local web server where you can test your wapp foreground part of your wapp. It is default listen on port 3000.
This will also run your background files in a local node instance.
Any notifications from your Wapp is presented in the terminal where you are running serve-wapp
.
If you want to run your background files on the server, you can use the --remote
flag when starting serve-wapp
.
To configure your wapp you can run configure-wapp
using npx
, to chaange some settings for your wapp.
This is also where you can create OAuth configurations for your wapp.
npx configure-wapp
To update the Wapp on wappsto run the update-wapp
using npx
:
npx update-wapp
This will upload all your files to Wappsto and download any new files created for your Wapp.
To delete the Wapp run the delete-wapp
using npx
:
npx delete-wapp
This will delete your Wapp locally and/or remotely.
To trigger a reinstall of the application run:
npx update-wapp --reinstall
You can configure wappsto-cli by creating a 'wappsto.json' file and add this:
{
"foreground": "foreground",
"background": "background",
"port": "3000"
}
Valid options is:
Option | Default | Description |
---|---|---|
foreground | foreground | The folder where the foreground files will be stored. |
background | background | The folder where the background files will be stored. |
port | 3000 | The port the web server will serve the Wapp on. |
browser | default | The browser used to serve the frontend files. ('google-chrome' or 'firefox') |
Here is some examples on how to configure frameworks to work with wappsto-cli.
If you are using React framework, you can configure the React development server, by installing the following package:
npm install http-proxy-middleware --save
and creating a file src/setupProxy.js
with this:
const { createProxyMiddleware } = require('http-proxy-middleware');
const Wapp = require('wappsto-cli/lib/wapp');
const wapp = new Wapp();
const HOST = wapp.host;
let sessionID = '';
const run = async () => {
await wapp.init();
sessionID = await wapp.getInstallationSession();
};
run();
module.exports = function (app) {
app.use(
'/services',
createProxyMiddleware({
target: HOST,
changeOrigin: true,
ws: true,
logLevel: 'error',
}));
// set a cookie
app.use((req, res, next) => {
res.cookie('sessionID', sessionID, { maxAge: 900000 });
next();
});
};
And insert "homepage": "./",
into your package.json
file.
To use the build version of React, change the foreground
configuration to build
and then run npm run build
to build the react application.
Then run npx serve-wapp
to serve the build version of your react application.
Apache 2.0 © Seluxit A/S
FAQs
Command Line Interface for creating wapps in Wappsto
The npm package wappsto-cli receives a total of 20 weekly downloads. As such, wappsto-cli popularity was classified as not popular.
We found that wappsto-cli demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.