![Namecheap Takes Down Polyfill.io Service Following Supply Chain Attack](https://cdn.sanity.io/images/cgdhsj6q/production/6af25114feaaac7179b18127c83327568ff592d1-1024x1024.webp?w=800&fit=max&auto=format)
Security News
Namecheap Takes Down Polyfill.io Service Following Supply Chain Attack
Polyfill.io has been serving malware for months via its CDN, after the project's open source maintainer sold the service to a company based in China.
PlugIt is a framework enhancing the portability and integration of web services requiring a user interface.
Readme
PlugIt
is a framework enhancing the portability and integration of micro-services requiring a user interface.
We use this framework at EBU to access services on the EBU.io platform.
This is a draft of the protocol and implementation. Expect issues (and report them) !
PlugIt is a framework which allows to combine multiple micro-services through a single experience and user interface while maintaining data and process isolation. It allows developers to design generic services and simply include common services such as User Management, Billing, Email notifications. Services can easily be integrated in multiple environments. Using Bootstrap as basis for CSS styling, we can provide a unified User Experience across services. Global layout updates and core functionality can easily be updated across services. In terms of availability, a broken service will not impact the others. Finally, it is possible to roll-out development environment and do shadow deployment per user.
The framework is composed of two kinds of element:
Services Isolated and portable services providing generic features to the system.
Proxy server. It acts as the host platform. It provides User Authentication and common services such as email notifications, etc.
This example is a simple Voting application. Use the following command lines to start the example. (You will need to install Docker.
cd examples
docker-compose up -d
open http://`docker-machine ip`:4000
The previous commands should have started two containers:
$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
?? examples_standalone_proxy "python manage.py run" X minutes ago Up X minutes 0.0.0.0:4000->4000/tcp examples_standalone_proxy_1
?? examples_simple_service "python server.py" X minutes ago Up X minutes 0.0.0.0:5000->5000/tcp examples_simple_service_1
The django client implements a standalone PlugIt Proxy
. The implementation of the protocol is located in the plugit
Django application and must be versioned in case of modifications in order to preserve backward compatibility.
Use the following commands to run the proxy:
cd examples
docker-compose up simple_service
The flask server implements a PlugIt service.
server.py
is the main flask file, providing different calls to the framework, generated from actions defined in actions.py.
Use the following commands to run the proxy:
cd examples
docker-compose up standalone_proxy
Copyright (c) 2014-2018, EBU-UER Technology & Innovation
The code is under BSD (3-Clause) License. (see LICENSE)
FAQs
PlugIt is a framework enhancing the portability and integration of web services requiring a user interface.
We found that plugit demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Polyfill.io has been serving malware for months via its CDN, after the project's open source maintainer sold the service to a company based in China.
Security News
OpenSSF is warning open source maintainers to stay vigilant against reputation farming on GitHub, where users artificially inflate their status by manipulating interactions on closed issues and PRs.
Security News
A JavaScript library maintainer is under fire after merging a controversial PR to support legacy versions of Node.js.