Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@bcronin/rbuild
Advanced tools
A make
-like tool with a few additional conventions and conveniences.
build.task("tbd")
-w, --watch
- runs in watch mode: will run the given task then poll all the dependent files and rerun the top-level task whenever-f, --force
- ignores timestamps and forces all tasks to be run. When combined with the watch option, the force option only applies to the first run of the tasks-h, --help
- describes the tasks-d, --describe
, - outputs a detailed JSON dependency graphThe configuration file has the following properties:
build
variable is exposed as a globalENV
Builds are described in a file named rbuild.config.js
. This exports two special variables build
and ENV
. It is also compiled as ES6 Javascript.
build
task(name)
- create a new named taskinclude(directory)
- add in the tasks and commands from another rbuild.configaddCmd(name, { desc })
- add a custom named commandTask
describe(msg)
- give the task a brief descriptiondeps([ dependencies ])
- ordered list of dependencies of this taskwatch([ dependencies ])
- dependencies that should retrigger this task in watch modeshell(command)
- run the command string via the shellexec(process, [ args ], { options })
- run an executable outside the shellcmd(name, ...)
- run a command registered with addCmdCreate a new named task.
build.task("test")
build.task("test")
.describe("runs all the unit tests")
.shell("npm run test")
build.task("test")
.describe("runs all the unit tests")
.deps([ "build", "lint" ])
.shell("npm run test")
Runs a command or array of commands as bash scripts. rbuild
will go out of its way to try to run these commands with bash (e.g. using MinGW on Windows).
shell(command)
shell([ commands ])
build.task("test")
.describe("runs all the unit tests")
.deps([ "build", "lint" ])
.shell("npm run test")
build.task("test")
.describe("runs all the unit tests")
.deps([ "build", "lint" ])
.shell([
"npm run test-fast",
"npm run test-slow",
]);
As rbuild
compiles the source files using ES6 syntax, the long-string form can be used to construct full scripts inline in the rbuild.config.js
file:
build.task("<tbd>")
.shell(`\
set -e
echo
echo Hello World
echo
gcc -c myfile.cc -o myfile.o
`)
The exec
command explicitly launches a new process without going through a sub-shell.
build.task("test")
.describe("runs all the unit tests")
.deps([ "build", "lint" ]
.exec("go", "build", "...", { })
Creates a new anonymous child task for each element in the array. The child task is automatically a dependency of the named parent task.
var glob = require("glob");
build.task("compile-less")
.subtasks(glob.sync("assets/style/*.less"), (task, filename) => {
task.shell(`lessc ${fileanme}`)
})
FAQs
A `make`-like tool with a few additional conventions and conveniences.
We found that @bcronin/rbuild demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.