Research
PyPI Package Disguised as Instagram Growth Tool Harvests User Credentials
A deceptive PyPI package posing as an Instagram growth tool collects user credentials and sends them to third-party bot services.
By Kush Pandya - Jun 06, 2025
🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more →
puppet-modulebuilder
Advanced tools
puppet-modulebuilder
Puppet::Modulebuilder
Table of Contents
- Overview - What is Puppet::Modulebuilder?
- Description - What does the gem do?
- Usage - How can the gem be used?
- Testing - How to test changes to the gem?
- Contributing - How to contribute to the gem?
- Development - How to release changes to the gem?
Overview
The puppet-modulebuilder gem contains the reference implementation for building Puppet modules from source.
Description
The purpose of this tool is to take a given local module directory and compile it into a .tar file, known as the tarball, that can then be installed directly by Puppet on a target machine or uploaded onto the Puppet Forge so that it can be accessed publicly.
As part of this process any non-deliverable aspects of the module, parts of it related to the modules development or testing for example, are stripped away leaving only the documentation and the puppet/ruby code that is needed for the module to function.
The parts of the module to be excluded are defined in a .pdkignore, .pmtignore or .gitignore file with the first one to be found in this given order being used. Any directories or files that are listed in the ignore file are then excluded, allowing the user to customize what is and what is not excluded.
Usage
This gem can be used in one of two ways, the first being to call on it directly as shown in the example below:
builder = Puppet::Modulebuilder::Builder.new('./puppetlabs-motd', './pkg', nil)
builder.build
For conveniances sake the puppet-modulebuilder gem has been included within the PDK and as such can be called on to run against a module from within it using the build command as shown below:
pdk build
Testing
Acceptance tests for this module leverage puppet_litmus
bundle exec rake 'litmus:provision[docker, litmusimage/ubuntu:22.04]'
bundle exec rake 'litmus:install_agent[puppet8-nightly]'
bundle exec rake 'litmus:install_module'
Contributing
Bug reports and pull requests are welcome on GitHub at https://github.com/puppetlabs/puppet-modulebuilder.
License
This codebase is licensed under Apache 2.0. However, the open source dependencies included in this codebase might be subject to other software licenses such as AGPL, GPL2.0, and MIT.
Development
To release a new version, simply run the Release Prep github action workflow, passing it the desired version, in order to generate a PR containing the necesary changes.
Once this PR is merged you can then run the Release action in order to build the gem and push it to rubygems.org.
FAQs
Unknown package
We found that puppet-modulebuilder demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Package last updated on 21 May 2025
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Product
Socket Now Supports pylock.toml Files
Socket now supports pylock.toml, enabling secure, reproducible Python builds with advanced scanning and full alignment with PEP 751's new standard.
By Trevor Norris - Jun 05, 2025
Security News
Research
Destructive npm Packages Disguised as Utilities Enable Remote System Wipe
Socket uncovered two npm packages that register hidden HTTP endpoints to delete all files on command.
By Kush Pandya - Jun 05, 2025