Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
By Socket Research Team - Dec 02, 2024
Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
Sorry we don't scan binary artifacts yet
- Maintainers
- 1
HGraph Orders and Pricing Library
Provides a library, based on the hgraph functional reactive framework to support creating order and pricing logic.
The core components of the library include:
- instruments
- positions
- portfolios
- orders
- pricing
This library is currently very green and is expected to have significant changes.
Development
The project is currently configured to make use of Poetry for dependency management. Take a look at the website to see how best to install the tool. Once you have checked out the project, you can install the project for development using the following command:
This is optional, but you can ensure python uses the version of python you require.
poetry env use 3.11
Then use the following command to install the project and it's depenencies:
poetry install
Then you can find the location of the installation using:
poetry env info
PyCharm can make use of poetry to setup the project.
Run Tests
# No Coverage
poetry run pytest
# Generate Coverage Report
poetry run pytest --cov=your_package_name --cov-report=xml
FAQs
A library to faciliate building order and pricing strategies
We found that hg-oap demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Research
Typosquatting Cryptographic Libraries: Malicious npm Packages Threaten Crypto Developers with Keylogging and Wallet Theft
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
By Kirill Boychenko - Nov 27, 2024
Security News
Weekly Downloads Now Available in npm Package Search Results
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
By Sarah Gooding - Nov 26, 2024