
@node-core/utils
CLI tools for Node.js Core collaborators.
git-node: Custom Git commands for working with Node.js core, e.g. landing Pull Requests.
ncu-config: Configure variables for node-core-utils to use.
ncu-team: Listing members of a team, synchronizing special blocks in files with the list of members.
get-metadata: Retrieving metadata for a Pull Request. DEPRECATED: use git node metadata instead.
ncu-ci: Parse the results of a Jenkins CI run and display a summary for all the failures.

npm install -g @node-core/utils
If you would prefer to build from the source, install and link:
git clone git@github.com:nodejs/node-core-utils.git
cd node-core-utils
npm ci
npm link
Most of the tools need your GitHub credentials to work. You can either
If you prefer option 2, follow these instructions to create the token.
When creating the token, the following boxes need to be checked:
user:email: Used by git-node and get-metadata to read the email of the PR author in order to check if it matches the email of the commit author.
read:org: Used by ncu-team to read the list of team members.

Optionally, if you want to grant write access so git-node can write comments:
public_repo (or repo if you intend to work with private repositories).

You can also edit the permission of existing tokens later.
After the token is generated, you can give it to NCU using:
ncu-config set username your_github_username
# Do not provide the token in the CLI, `ncu-config` will prompt you for it.
ncu-config set -x token
Note: Encryption is available only if you have gpg set up on your machine. To store the token without encryption, omit -x:
ncu-config set username your_github_username
# Do not provide the token in the CLI, `ncu-config` will prompt you for it.
ncu-config set token
The git-node and ncu-ci commands need to query the Node.js Jenkins API for
CI results, so you'll need to configure the Jenkins API token before using
these commands.
To obtain the Jenkins API token:
1. Open https://ci.nodejs.org/user/<your-github-username>/security (replace <your-github-username> with your own GitHub username).
2. Click on the ADD NEW TOKEN button in the API Token section.
3. Enter an identifiable name (for example, node-core-utils) for this token in the input box that appears, and click GENERATE.
4. Copy the generated token.
5. Add it into your ncurc file (~/.ncurc or $XDG_CONFIG_HOME/ncurc, or ~/.ncurc.gpg or $XDG_CONFIG_HOME/ncurc.gpg) with jenkins_token as key, like this:
ncu-config set -x jenkins_token
Note: Encryption is available only if you have gpg set up on your machine. To store the token without encryption, omit -x:
ncu-config set jenkins_token
Put the following entries into your global gitignore file ($XDG_CONFIG_HOME/git/ignore or a file specified by core.excludesFile). For example:
$ git config --global core.excludesfile ~/.gitignore_global
# In ~/.gitignore_global
# node-core-utils configuration file
.ncurc
.ncurc.gpg
# node-core-utils working directory
.ncu
Mind that .ncu/land could contain your access token since it contains the
serialized configurations.
If you ever accidentally commit your access token on GitHub, you can simply revoke that token and use a new one.
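The check below is an added example, not part of node-core-utils: it reports, for a given repository, whether the paths named above are already tracked or are not covered by any ignore rule. The function name `ncu_leak_check` and its output labels are made up for this example.

```shell
#!/bin/sh
# Added example, not part of node-core-utils.
# Paths taken from the README: the config file (plain or gpg-encrypted) and
# .ncu/land, which may hold the access token.
NCU_PATHS=".ncurc .ncurc.gpg .ncu/land"

# ncu_leak_check REPO_DIR
# Prints one finding per line. Returns 0 if clean, 1 on findings, 2 if
# REPO_DIR is not a git work tree.
ncu_leak_check() {
  repo=$1
  findings=0
  if ! git -C "$repo" rev-parse --is-inside-work-tree >/dev/null 2>&1; then
    echo "not a git work tree: $repo" >&2
    return 2
  fi
  for p in $NCU_PATHS; do
    # Ignore rules never apply to files already in the index, so look there first.
    if git -C "$repo" ls-files --error-unmatch -- "$p" >/dev/null 2>&1; then
      echo "TRACKED: $p"
      findings=1
    # check-ignore exits 0 only when some ignore rule (repo or global) matches.
    elif ! git -C "$repo" check-ignore -q -- "$p"; then
      echo "NOT-IGNORED: $p"
      findings=1
    fi
  done
  return "$findings"
}

# Run against a repository when a path is given on the command line.
if [ "$#" -gt 0 ]; then
  ncu_leak_check "$1"
fi
```

A TRACKED finding means the ignore entries no longer help for that file: remove it from the index and, if it was pushed, revoke the token as described above.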
To add autocomplete just run git-node completion and follow the instructions.
(same for the rest of the tools)
If you encounter an error that you cannot fix by yourself, please
NCU_VERBOSITY=debug environment variable set and
open an issue at https://github.com/nodejs/node-core-utils/issues with
detailed logs.
See CONTRIBUTING.md.
MIT. See LICENSE.
FAQs
Utilities for Node.js core collaborators
The npm package @node-core/utils receives a total of 141 weekly downloads. As such, @node-core/utils popularity was classified as not popular.
We found that @node-core/utils demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.