Security News
Maven Central Adds Sigstore Signature Validation
Maven Central now validates Sigstore signatures, making it easier for developers to verify the provenance of Java packages.
@circle.so/posts
Advanced tools
Create an API token here: `https://circle.example.com/settings/api/new`
Create an API token here:
https://circle.example.com/settings/api/new
$ npm install --save @circle.so/posts
$ npm install --save @circle.so/spaces
$ npm install --save-dev @circle.so/types
See spaces/spaces.test.ts
, posts/posts.test.ts
, and @circle.so/types
for
more options.
import { Spaces } from '@circle.so/spaces'
// Pass your API key to the constructor
const api = new Spaces({ api_key: process.env.CIRCLE_API_KEY })
const space = await api.add({ community_id: 1, name: "New space" })
console.log(space.name)
// "New space"
Uses patterns for a typescript monorepo found here: https://blog.frankdejonge.nl/setting-up-a-typescript-mono-repo-for-scoped-packages/
$ npm install --dev
$ cp env.sample .env
# Update .env with a Circle API key.
$ source .env
$ npm run tests
Following this pattern: https://www.yieldcode.blog/post/npm-workspaces/ https://stackoverflow.com/questions/72055371/npm-workspaces-typescript-unable-to-find-local-modules
$ npm init --workspace packages/types --scope @circle.so -y
$ ls -la node_modules/@circle.so/
$ npm install @circle.so/types --workspace ./packages/spaces
$ cat packages/spaces/package.json | grep -C1 circle
$ npm ls
$ npm run build -ws
$ npm version patch -ws --verbose
# git commit and push
$ npm publish --access public -ws --verbose
npm run build
creates artefacts in package/*/src
files that prevent
interim package builds to not run which causes confusion.types
package first
npm run build:types
./src
and run the build script. We should fix this.paths
and exclude
in tsconfig.json
at the root level
we had all sorts of errors with resolving packages.FAQs
Create an API token here: `https://circle.example.com/settings/api/new`
We found that @circle.so/posts demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Maven Central now validates Sigstore signatures, making it easier for developers to verify the provenance of Java packages.
Security News
CISOs are racing to adopt AI for cybersecurity, but hurdles in budgets and governance may leave some falling behind in the fight against cyber threats.
Research
Security News
Socket researchers uncovered a backdoored typosquat of BoltDB in the Go ecosystem, exploiting Go Module Proxy caching to persist undetected for years.