
Security News
npm Adopts OIDC for Trusted Publishing in CI/CD Workflows
npm now supports Trusted Publishing with OIDC, enabling secure package publishing directly from CI/CD workflows without relying on long-lived tokens.
Supply Chain Security
Vulnerability
Quality
Maintenance
License
Unpopular package
QualityThis package is not very popular.
Found 1 instance in 1 package
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
An async python script that synchronizes files and folders across Canvas LMS Files and local, with extremely fast speed.
You may use one of the following
For Windows users, you can find binary(.exe) file here: https://github.com/BoYanZh/Canvas-Syncer/releases. Unzip it and double click canvassyncer.exe
file to run, or calling it in shell.
pipx
pipx install -U canvassyncer
If you have not installed pipx
yet, you may refer to https://pipx.pypa.io/stable/ or the search engine to get your pipx
.
git clone https://github.com/BoYanZh/Canvas-Syncer && cd Canvas-Syncer
pip install -e .
canvassyncer
Then input the information following the guide.
Note:
courseCode
should be something like VG100
, ECE4530J
courseID
should be an integer. Check the canvas link of the course. e.g. courseID = 7
for https://jicanvas.com/courses/7.You can use canvassyncer -h
to get help.
Optional arguments:
-h, --help show this help message and exit
-r recreate config file
-y confirm all prompts
--no-subfolder do not create a course code named subfolder when synchronizing files
-p PATH, --path PATH appoint config file path
-c CONNECTION, --connection CONNECTION
max connection count with server
-x PROXY, --proxy PROXY
download proxy
-V, --version show program's version number and exit
-d, --debug show debug information
--no-keep-older-version
do not keep older version
Open Your Canvas-Account-Approved Integrations-New Access Token
Or it can be easily achieved with https://github.com/BoYanZh/JI-Auth if you are a UM-SJTU-JI student.
Please feel free to create issues and pull requests.
FAQs
The async fast canavs file syncer.
We found that canvassyncer demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
npm now supports Trusted Publishing with OIDC, enabling secure package publishing directly from CI/CD workflows without relying on long-lived tokens.
Research
/Security News
A RubyGems malware campaign used 60 malicious packages posing as automation tools to steal credentials from social media and marketing tool users.
Security News
The CNA Scorecard ranks CVE issuers by data completeness, revealing major gaps in patch info and software identifiers across thousands of vulnerabilities.