Security News
PyPI’s New Archival Feature Closes a Major Security Gap
PyPI now allows maintainers to archive projects, improving security and helping users make informed decisions about their dependencies.
By Sarah Gooding - Jan 30, 2025
New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
@code4rena/botrace-utils
Advanced tools
Code4rena Botrace Utils
Various utilities for Code4rena Bot Races
Getting Started
Installation
Node.js 18 or higher is required.
Install via npm: npm i -g @code4rena/botrace-utils
Or use npx to run the package directly: npx @code4rena/botrace-utils --help
Command line
Once installed the c4bru command will be available. See c4bru --help for full usage.
JSON validation
To validate a local file named report.json:
c4bru validate ./report.json
By default, this uses the currently recommended schema version. See the --help docs for how to change the target schema.
Markdown Rendering You can generate Markdown from your JSON report as it will be rendered for Github.
Note: Prior to generating the markdown the JSON report will be run through validation.
c4bru ./report.json > report.md
As a library
JSON validation
import {
defaultVersion,
schemas,
validateReport,
} from "@code4rena/botrace-utils";
const validate = (reportJson) => {
// Automatically use the default schema
return validateReport(reportJson);
// Or a specific version
return validateReport(reportJson, schemas[defaultVersion]);
return validateReport(reportJson, schemas["0.2.0"]);
};
Markdown Rendering Note: the api does not validate before rendering, it's recommended you run validation prior to rendering
import {
renderReport,
} from "@code4rena/botrace-utils";
const toMarkdown = (reportJson, winningBotName) => {
return renderReport(reportJson);
// Optionally pass a bot name to include the winning report messaging
return renderReport(reportJson, winningBotName);
};
FAQs
Various utilities for Code4rena Bot Races
We found that @code4rena/botrace-utils demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 13 open source maintainers collaborating on the project.
Package last updated on 13 Feb 2024
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Security News
North Korean APT Lazarus Targets Developers with Malicious npm Package
Malicious npm package postcss-optimizer delivers BeaverTail malware, targeting developer systems; similarities to past campaigns suggest a North Korean connection.
By Kirill Boychenko, Peter van der Zee - Jan 29, 2025
Security News
CISA Brings KEV Data to GitHub
CISA's KEV data is now on GitHub, offering easier access, API integration, commit history tracking, and automated updates for security teams and researchers.
By Sarah Gooding - Jan 29, 2025