Security News
Cloudflare Adds Security.txt Setup Wizard
Cloudflare has launched a setup wizard allowing users to easily create and manage a security.txt file for vulnerability disclosure on their websites.
This is a command line tool to help build, run, and test web extensions.
Ultimately, it aims to support web extensions in a standard, portable, cross-platform way. Initially, it will provide a streamlined experience for developing Firefox web extensions.
npm install --global web-ext
You'll need:
Optionally, you may like:
Make sure npm
is up to date:
npm install -g npm
Change into the source and install everything:
git clone https://github.com/mozilla/web-ext.git
cd web-ext
npm install
Build the command:
npm run build
Link it to your node installation:
npm link
You can now run it from any directory:
web-ext --help
To see all available commands and options, type:
web-ext --help
Complete user documentation is in progress (issue #19) and will be available here: https://developer.mozilla.org/en-US/Add-ons/WebExtensions/web-ext
This tool may require using a nightly build of Firefox and is initially intended to develop web extensions, a platform which is not yet stable in Firefox. If you are looking to develop an add-on that runs in older versions of Firefox, consider jpm.
Hi! This tool is under active development. To get involved you can watch the repo, file issues, create pull requests, or ask a question on dev-addons. Read the contributing section for how to develop new features.
This is a great question and one that we will ask ourselves for each new web-ext feature. Most web extension functionality is baked into the browsers themselves but a complimentary command line tool will still be helpful. Here is a partial list of examples:
First, note that jpm is still actively maintained by Mozilla right now. We decided not to patch jpm for web extension support (See jpm issue 445, discussion). Here's why.
Mozilla built cfx then deprecated it for jpm and now we're proposing a new tool. I know this is frustrating for developers but web extensions mark a major turning point. It would be an arduous task to wedge its feature set and simplified development process into jpm.
Pros of creating a new tool:
Cons of creating a new tool:
FAQs
A command line tool to help build, run, and test web extensions
The npm package web-ext receives a total of 33,548 weekly downloads. As such, web-ext popularity was classified as popular.
We found that web-ext demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Cloudflare has launched a setup wizard allowing users to easily create and manage a security.txt file for vulnerability disclosure on their websites.
Security News
The Socket Research team breaks down a malicious npm package targeting the legitimate DOMPurify library. It uses obfuscated code to hide that it is exfiltrating browser and crypto wallet data.
Security News
ENISA’s 2024 report highlights the EU’s top cybersecurity threats, including rising DDoS attacks, ransomware, supply chain vulnerabilities, and weaponized AI.