This software is licensed under the Apache 2.0 license.
See the LICENSE and NOTICE files that should have been provided along with this software for details.
3scale toolbox is a set of tools to help you manage your 3scale product. It uses the 3scale API Ruby Client.
Supported Ruby interpreters
Install the toolbox:
$ gem install 3scale_toolbox
The 3scale toolbox packaging repo provides packages and installation/deployment steps for the following platforms:
$ 3scale help
NAME
3scale - 3scale toolbox
USAGE
3scale <sub-command> [options]
DESCRIPTION
3scale toolbox to manage your API from the terminal.
COMMANDS
account account super command
activedocs activedocs super command
application application super command
application-plan application-plan super command
copy copy super command
help show help
import import super command
method method super command
metric metric super command
policy-registry policy-registry super command
proxy-config proxy-config super command
remote remotes super command
service services super command
update [DEPRECTATED] update super command
OPTIONS
-c --config-file=<value> 3scale toolbox configuration file (default:
$HOME/.3scalerc.yaml)
-h --help show help for this command
-k --insecure Proceed and operate even for server
connections otherwise considered insecure
-v --version Prints the version of this command
--verbose Verbose mode
After checking out the repo, run bin/setup to install dependencies. You can also run bin/console for an interactive prompt that will allow you to experiment. Run bundle exec 3scale to use the gem in this directory, ignoring other installed copies of this gem.
To install this gem onto your local machine, run bundle exec rake install. To release a new version, update the version number in version.rb, and then run bundle exec rake release, which will create a git tag for the version, push git commits and tags, and push the .gem file to rubygems.org.
To run all tests run rake.
There are two kinds of tests:
rake spec:unit
rake spec:integration
Integration tests can be run locally or against a real 3scale account. When the account details are set via environment variables, integration tests are run against the given account. Otherwise, tests are run locally with mocked 3scale clients.
The easiest way to set everything up is to have a .env file in the root of the project with the following environment variables (set your own values):
ENDPOINT=https://your-domain-admin.3scaledomain
PROVIDER_KEY=abc123
VERIFY_SSL=true (by default true)
Very simple core command to list existing services. Helps to illustrate basic command code structure and helper methods to deal with remotes.
$ cat lib/3scale_toolbox/commands/service_list_command.rb
module ThreeScaleToolbox
  module Commands
    class ServiceListCommand < Cri::CommandRunner
      include ThreeScaleToolbox::Command

      def self.command
        Cri::Command.define do
          name 'service_list'
          usage 'service_list <3scale_remote>'
          summary 'service list'
          description 'list available services'
          param :remote
          runner ServiceListCommand
        end
      end

      def run
        puts threescale_client(arguments[:remote]).list_services
      end
    end
  end
end
A few things worth highlighting:
command module function and return an instance of Cri::Command from cri
threescale_client helper method returns a 3scale API client instance. All of the remote parsing, fetching from the remote list and client instantiation is done out of the box.
Then register the core command in lib/3scale_toolbox/commands.rb
--- a/lib/3scale_toolbox/commands.rb
+++ b/lib/3scale_toolbox/commands.rb
@@ -4,6 +4,7 @@ require '3scale_toolbox/commands/copy_command'
require '3scale_toolbox/commands/import_command'
require '3scale_toolbox/commands/update_command'
require '3scale_toolbox/commands/remote_command'
+require '3scale_toolbox/commands/service_list_command'
module ThreeScaleToolbox
module Commands
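Review bot: the require added as the last line of the require list names 3scale_toolbox/commands/service_list_command, but lib/3scale_toolbox/commands/service_list_command.rb is not among the files this diff touches. If that file does not land in the same change, the require raises LoadError as soon as commands.rb is loaded and no subcommand can start, so add the new file to this commit.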
@@ -12,7 +13,8 @@ module ThreeScaleToolbox
ThreeScaleToolbox::Commands::CopyCommand,
ThreeScaleToolbox::Commands::ImportCommand,
ThreeScaleToolbox::Commands::UpdateCommand,
- ThreeScaleToolbox::Commands::RemoteCommand::RemoteCommand
+ ThreeScaleToolbox::Commands::RemoteCommand::RemoteCommand,
+ ThreeScaleToolbox::Commands::ServiceListCommand
].freeze
end
end
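Review bot: the RemoteCommand line in the command array had to be rewritten only to gain a comma before the new ServiceListCommand entry. End the last element with a trailing comma (Ruby accepts one in array literals) so that the next registration is a one-line addition and the diff of this security-relevant list shows only the entry that was actually added.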
Running the new core command:
$ 3scale service_list my-3scale-instance
{ ... }
It is a requirement that we include a file describing all the licenses used in the product, so that users can examine it.
Run rake license_finder:check to check licenses when dependencies change.
Run rake license_finder:report > licenses.xml to update licenses file.
As of 3scale Toolbox 0.5.0, 3scale Toolbox will load plugins installed in gems or $LOAD_PATH. Plugins are discovered via Gem::find_files then loaded. Install, uninstall and update plugins using tools like RubyGems and/or Bundler.
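Because discovery through Gem::find_files loads code from any installed gem or $LOAD_PATH directory that ships a matching file, it helps to audit what would be picked up on a machine that holds provider keys. The script below is an added example, not part of the 3scale toolbox; the plugin file name in PLUGIN_GLOB and the allowlist of approved gem names are assumptions, since the page does not state them.

```ruby
require 'rubygems'

# Hypothetical file name: the page does not say which file the toolbox
# searches for, so pass the real one as an argument if it differs.
PLUGIN_GLOB = '3scale_toolbox_plugin'

# List every file Gem.find_files would discover for the glob and attribute
# it to the installed gem that ships it, or to a bare $LOAD_PATH directory.
def discover_plugins(glob = PLUGIN_GLOB)
  Gem.find_files(glob).uniq.map do |path|
    full = File.expand_path(path)
    spec = Gem::Specification.find do |s|
      full.start_with?(File.join(s.full_gem_path, ''))
    end
    if spec
      { path: full, origin: :gem, name: spec.name, version: spec.version.to_s }
    else
      { path: full, origin: :load_path, name: nil, version: nil }
    end
  end
end

# Discovered plugins that are not covered by the reviewed allowlist.
# A file found only through $LOAD_PATH has no gem metadata to check,
# so it is always reported.
def unapproved_plugins(allowlist, glob = PLUGIN_GLOB)
  discover_plugins(glob).reject do |plugin|
    plugin[:origin] == :gem && allowlist.include?(plugin[:name])
  end
end

if $PROGRAM_NAME == __FILE__
  # Approved gem names are given on the command line.
  unapproved_plugins(ARGV).each do |plugin|
    source = plugin[:name] ? "#{plugin[:name]} #{plugin[:version]}" : '$LOAD_PATH'
    warn "unapproved plugin: #{plugin[:path]} (#{source})"
  end
end
```

Run it with the names of the plugin gems you have reviewed as arguments; anything it prints would be loaded into the toolbox process without having been approved.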
Bug reports and pull requests are welcome on GitHub at https://github.com/3scale/3scale_toolbox.