This extension provides a preview with syntax highlighting for multiple text resource formats.
There is a caching mechanism implemented in this extension. It is disabled by default. To enable it, set ckanext.pygments.cache.enable to True. You can also set the time to live for the cache in seconds with ckanext.pygments.cache.ttl. The default is 7200 seconds (2 hours). You can also set the maximum size of the resource to cache in bytes with ckanext.pygments.cache.resouce_max_size. The default is 20MB.
We use Redis for caching, and Redis keeps its data in memory. If you have many large resources, you can run out of memory, which is why caching is disabled by default. It is still debatable whether we need a cache at all: a large resource processed with Pygments becomes even larger, so memory usage can be high. On the other hand, if there are many resources and many users access them, caching can save a lot of processing time.
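The growth described above can be measured. The following is an added example, not code from ckanext-pygments: it renders a constructed JSON sample with Pygments, compares the size of the HTML preview with the raw bytes, and applies a size cap before caching. The helper names, and the assumption that the cap is checked against the rendered preview, are illustrative.

```python
# Added example (not ckanext-pygments code). Helper names are hypothetical.
from pygments import highlight
from pygments.formatters import HtmlFormatter
from pygments.lexers import get_lexer_by_name

MAX_SIZE = 1048576           # default of ckanext.pygments.max_size (from the page)
PREVIEW_MAX_SIZE = 20971520  # default of ckanext.pygments.cache.preview_max_size


def render_preview(raw: bytes, fmt: str, max_size: int = MAX_SIZE) -> str:
    """Highlight at most max_size bytes of the resource as HTML."""
    text = raw[:max_size].decode("utf-8", errors="replace")
    return highlight(text, get_lexer_by_name(fmt), HtmlFormatter())


def expansion_factor(raw: bytes, fmt: str, max_size: int = MAX_SIZE) -> float:
    """Ratio of rendered preview bytes to the raw bytes that were rendered."""
    rendered = render_preview(raw, fmt, max_size)
    return len(rendered.encode("utf-8")) / min(len(raw), max_size)


def should_cache(preview: str, cache_enabled: bool,
                 preview_max_size: int = PREVIEW_MAX_SIZE) -> bool:
    """Admit a preview to the cache only if caching is on and it fits the cap.

    Assumption: the cap applies to the rendered preview, not the raw file.
    """
    if not cache_enabled:
        return False
    return len(preview.encode("utf-8")) <= preview_max_size


# Constructed sample input: one JSON line repeated 1000 times (65,000 bytes).
SAMPLE = b'{"id": 1, "name": "dataset", "tags": ["a", "b"], "public": true}\n' * 1000

if __name__ == "__main__":
    preview = render_preview(SAMPLE, "json")
    print(f"raw bytes:      {len(SAMPLE)}")
    print(f"rendered bytes: {len(preview.encode('utf-8'))}")
    print(f"expansion:      {expansion_factor(SAMPLE, 'json'):.1f}x")
    print("cached with default cap:", should_cache(preview, True))
    print("cached with 64 KiB cap: ", should_cache(preview, True, 64 * 1024))
```

Multiplying the rendered size by the number of distinct resources that can be previewed within one TTL window gives a rough upper bound on the Redis memory the cache can consume.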
If you're using the ckanext-admin-panel extension, you can configure the pygments settings from the admin panel.
Otherwise, you can configure it in the ckan.ini file.
Supported config options:
- key: ckanext.pygments.supported_formats
  type: list
  description: Specify a list of supported formats
  default: sql html xhtml htm xslt py pyw pyi jy sage sc rs rs.in rst rest md markdown xml xsl rss xslt xsd wsdl wsf json jsonld yaml yml dtd php inc rdf ttl js
- key: ckanext.pygments.max_size
  type: int
  description: Specify how many bytes we are going to render from file. Default to 1MB
  default: 1048576
- key: ckanext.pygments.include_htmx_asset
  description: Include HTMX asset
  default: true
  type: bool
- key: ckanext.pygments.default_theme
  description: Default theme for preview
  default: default
- key: ckanext.pygments.cache.enable
  description: Enable cache
  default: false
  type: bool
- key: ckanext.pygments.cache.preview_max_size
  description: Specify what is the maximum size of a preview we are going to cache
  default: 20971520 # 20MB
  type: int
- key: ckanext.pygments.cache.ttl
  description: Specify the time to live of the cache
  default: 7200 # 2 hours
  type: int
To run the tests, do:
pytest --ckan-ini=test.ini
We found that ckanext-pygments demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.