
Research
Malicious fezbox npm Package Steals Browser Passwords from Cookies via Innovative QR Code Steganographic Technique
A malicious package uses a QR code as steganography in an innovative technique.
tt-git-merge-structure-sql
Advanced tools
This is a merge driver for Git that resolves typical merge conflicts
in a db/structure.sql
file of Rails.
When your project is configured with
config.active_record.schema_format = :sql
, the database schema is
kept in db/structure.sql
instead of db/schema.rb
in the native
dump format of the underlying database engine, which is not suitable
for the default merge driver of Git to deal with. As a result, when
you try to merge two branches you always have to resolve trivial
conflicts manually if new schema migrations take place in both
branches. This custom driver takes away such a pain.
Currently only PostgreSQL, MySQL and SQLite3 dump formats are supported.
Run this:
$ gem install tt-git-merge-structure-sql
And enable it yourself in your Git configuration, or let it do that for you by this command:
$ tt-git-merge-structure-sql --install
This adds necessary settings to your ~/.gitconfig
or
$XDG_CONFIG_HOME/git/config
and the default gitattributes(5) file to
enable the merge driver for structure.sql files.
If you want to enable this driver only in the current git directory, run this:
$ tt-git-merge-structure-sql --install=local
Once enabled, Git should call this driver as necessary when it needs to merge changes made in structure.sql.
See CHANGELOG.md
for the version history.
Copyright (c) 2018-2021 Akinori MUSHA.
Licensed under the 2-clause BSD license. See LICENSE.txt
for
details.
Visit the GitHub Repository for the latest information.
FAQs
Unknown package
We found that tt-git-merge-structure-sql demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
A malicious package uses a QR code as steganography in an innovative technique.
Research
/Security News
Socket identified 80 fake candidates targeting engineering roles, including suspected North Korean operators, exposing the new reality of hiring as a security function.
Application Security
/Research
/Security News
Socket detected multiple compromised CrowdStrike npm packages, continuing the "Shai-Hulud" supply chain attack that has now impacted nearly 500 packages.