Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
== Jnlp Ruby Gem version 0.7.2
A Ruby gem for encapsulating the content and resources referenced by Java Web Start jnlps and interacting with jnlp repositories managed by the maven-jnlp Eclipse plugin.
Complete rdoc available here: http://rdoc.info/projects/stepheneb/jnlp
{file:history.html Release History}
For more information about the structure of Java Web Start see Sun's documentation[http://java.sun.com/javase/6/docs/technotes/guides/javaws/developersguide/contents.html]
== Examples:
=== Creating a new {Jnlp::Jnlp} object from a local Java Web Start jnlp file.
j = Jnlp::Jnlp.new("authoring.jnlp")
=== Creating a new {Jnlp::Jnlp} object from a Java Web Start jnlp referenced with a url.
j = Jnlp::Jnlp.new("http://jnlp.concord.org/dev/org/concord/maven-jnlp/otrunk-sensor/otrunk-sensor.jnlp")
Once the {Jnlp::Jnlp} object is created you can call {Jnlp::Jnlp#cache_resources} to create a local cache of all the jar and nativelib resources.
The structure of the cache directory and the naming using for the jar and nativelib files is the same as that used by the Java Web Start Download Servlet, see Sun's servlet guide[http://java.sun.com/javase/6/docs/technotes/guides/javaws/developersguide/downloadservletguide.html].
== Creating {Jnlp::MavenJnlp} objects that represent the resources deployed by a maven jnlp servlet.
=== Creating a {Jnlp::MavenJnlp} object that represents the all the resources deployed by a maven jnlp servlet.
require 'jnlp' mj = Jnlp::MavenJnlp.new('http://jnlp.concord.org', '/dev/org/concord/maven-jnlp/')
This takes about 90s on a 3Mbps connection processing Concord's Maven Jnlp Web Start server.
You can now do this:
mj.maven_jnlp_families.length # => 26 mj.maven_jnlp_families[0].name # => "all-otrunk-snapshot" mj.maven_jnlp_families[0].versions.length # => 1568 mj.maven_jnlp_families[0].versions.first.version # => "0.1.0-20070420.131610" mj.maven_jnlp_families[0].snapshot_version # => "0.1.0-20090327.222627"
mj.maven_jnlp_families[0].versions.last.url
mj.maven_jnlp_families[0].snapshot.url
mj.maven_jnlp_families[0].versions.first.url
=== Creating {Jnlp::MavenJnlp} objects that represent some all the resources deployed by a maven jnlp servlet.
You can pass in an options hash to limit the number of maven jnlp families parsed:
Example: passing in an optional array of maven jnlp families This will get all versions of each family.
mj = Jnlp::MavenJnlp.new('http://jnlp.concord.org', '/dev/org/concord/maven-jnlp/', { :families => ['all-otrunk-snapshot', 'gui-testing'] })
mj.maven_jnlp_families.length
Example: passing in an optional hash of maven jnlp families This will get all versions of each family.
mj = Jnlp::MavenJnlp.new('http://jnlp.concord.org', '/dev/org/concord/maven-jnlp/', { :families => { 'all-otrunk-snapshot' => nil, 'gui-testing' => nil } })
mj.maven_jnlp_families.length
Example: passing in an optional hash of maven jnlp families and specifying the versions of the jnlp urls to get for one family.
mj = Jnlp::MavenJnlp.new('http://jnlp.concord.org', '/dev/org/concord/maven-jnlp/', { :families => { 'all-otrunk-snapshot' => { :versions => ['0.1.0-20100513.161426', '0.1.0-20100513.154925'] }, 'gui-testing' => nil } }) mjfs = mj.maven_jnlp_families [mjfs.length, mjfs[0].versions.length, mjfs[1].versions.length]
== Building the gem
=== The source code
The source code for the jnlp gem is on github[http://github.com/stepheneb/jnlp/tree/master] and the gem dependencies are managed with bundler
git clone git://github.com/stepheneb/jnlp.git cd jnlp gem install nokogiri bundle install
Bundler should install nokogiri but can't because of this bug: {can't find gem specified in gemspec with a range}[https://github.com/carlhuda/bundler/issues/1397]
=== Runtime dependencies
nokogiri ">= 1.4.4", "<= 1.5"
=== Development dependencies
rake
rspec '> 2.5.0'
ci_reporter '> 1.6.4'
rdoc '> 3.9.4'
yard '> 0.7.2'
=== rake tasks
$ bundle exec rake -T rake build # Build jnlp-0.7.3.gem into the pkg directory rake clobber_rdoc # Remove RDoc HTML files rake hudson:spec # run the spec tests and generate JUnit XML reports (for integrating with a Hudson CIS server) rake install # Build and install jnlp-0.7.3.gem into system gems rake rdoc # Build RDoc HTML files rake release # Create tag v0.7.3 and build and push jnlp-0.7.3.gem to Rubygems rake rerdoc # Rebuild RDoc HTML files rake spec # Run RSpec rake yard # Generate YARD Documentation
=== Running the tests
JRuby:
jruby -S rake spec
MRI:
bundle exec rake spec
Generating JUnit XML output for integrating with the Hudson CIS server:
bundle exec rake hudson:spec
=== Running adhoc tests using the source code directly
Run an adhoc test in the file sample.rb in the same top-level directory as this source code by telling ruby to first add 'lib/' to the load path. ruby -Ilib sample.rb
=== Building and installing the gem locally
bundle exec rake build gem install pkg/jnlp-.gem
=== Releasing a new version to http://rubygems.org/
bundle exec rake release
=== TODO
Add tests for:
=== Changes
FAQs
Unknown package
We found that jnlp demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.