Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
@bonniernews/sentry-sync
Advanced tools
Work in progress, CLI-tool doesn't work yet
Syncs releases
as well as source maps and related source files to Sentry.
npm install -g @bonniernews/sentry-sync
sentry-sync \
--organization foo \
--project bar \
--source-version <something-indicating-the-version> \
--token secret123 \
relative/path/to/source-map/file1
relative/path/to/source-map/file2
--organization
- required - specify the name of the Sentry organization of the project to sync with--project
- required - specify the name Sentry project to sync with--source-version
- required - specify the version of the source that is synced (eg. a short hash, a SemVer version or such)--commit
- specify the commit hash of the pushed code--help
- if specified then this help will be printed--repository
- specify the name of the git repository for the code, eg. owner-name/repo-name
--token
- the Sentry token used to authenticate against the Sentry API--verbose
- if specified, then more verbose feedback will be returned--version
- if specified, then the version of this tool will be returnedFAQs
Syncs release data from a project to Sentry
We found that @bonniernews/sentry-sync demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 6 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.