Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
#vagrant
on FreenodeVagrant is a tool for building and distributing development environments.
Development environments managed by Vagrant can run on local virtualized platforms such as VirtualBox or VMware, in the cloud via AWS or OpenStack, or in containers such as with Docker or raw LXC.
Vagrant provides the framework and configuration format to create and manage complete portable development environments. These development environments can live on your computer or in the cloud, and are portable between Windows, Mac OS X, and Linux.
For the quick-start, we'll bring up a development machine on VirtualBox because it is free and works on all major platforms. Vagrant can, however, work with almost any system such as [OpenStack] (https://www.openstack.org/), [VMware] (https://www.vmware.com/), [Docker] (https://docs.docker.com/), etc.
First, make sure your development machine has VirtualBox installed. After this, download and install the appropriate Vagrant package for your OS.
To build your first virtual environment:
vagrant init hashicorp/precise32
vagrant up
Note: The above vagrant up
command will also trigger Vagrant to download the
precise32
box via the specified URL. Vagrant only does this if it detects that
the box doesn't already exist on your system.
To learn how to build a fully functional development environment, follow the getting started guide.
If you want the bleeding edge version of Vagrant, we try to keep master pretty stable and you're welcome to give it a shot. The following is an example showing how to do this:
rake install
Ruby 2.0 is needed.
To install Vagrant from source, please follow the guide in the Wiki.
You can run the test suite with:
bundle exec rake
This will run the unit test suite, which should come back all green! Then you're good to go!
If you want to run Vagrant without having to install the gem, you may use bundle exec
,
like so:
bundle exec vagrant help
NOTE: By default running Vagrant via bundle
will disable plugins.
This is necessary because Vagrant creates its own private Bundler context
(it does not respect your Gemfile), because it uses Bundler to manage plugin
dependencies.
Vagrant also comes with an acceptance test suite that does black-box tests of various Vagrant components. Note that these tests are extremely slow because actual VMs are spun up and down. The full test suite can take hours. Instead, try to run focused component tests.
To run the acceptance test suite, first copy vagrant-spec.config.example.rb
to vagrant-spec.config.rb
and modify it to valid values. The places you
should fill in are clearly marked.
Next, see the components that can be tested:
$ rake acceptance:components
cli
provider/virtualbox/basic
...
Then, run one of those components:
$ rake acceptance:run COMPONENTS="cli"
...
FAQs
Unknown package
We found that vagrant-unbundled demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.