Security News
Research
Supply Chain Attack on Rspack npm Packages Injects Cryptojacking Malware
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
@commitlint/load
Advanced tools
The @commitlint/load package is part of the commitlint toolchain, which is used to enforce consistent commit message formats according to various configurable rules. This package specifically handles the loading of commitlint configuration from various sources, allowing users to define rules that commit messages should adhere to in their projects.
Load Configuration
This feature allows the loading of commitlint configuration files. It supports loading from a specified path or from node_modules. The example shows how to load a common configuration that extends '@commitlint/config-conventional'.
const { load } = require('@commitlint/load');
async function loadConfig() {
const config = await load({extends: ['@commitlint/config-conventional']});
console.log(config);
}
loadConfig();
Merge Configurations
This feature demonstrates how to merge custom rules with existing configurations. The example merges a custom rule that restricts commit types to 'feat', 'fix', and 'docs' into the project's commitlint configuration.
const { load } = require('@commitlint/load');
async function mergeConfigs() {
const config = await load({
rules: {
'type-enum': [2, 'always', ['feat', 'fix', 'docs']]
}
}, {cwd: '/path/to/project'});
console.log(config);
}
mergeConfigs();
Husky is a tool for managing Git hooks. It can be used alongside commitlint by triggering linting on commits. While husky itself does not provide commit message linting, it is commonly used to run commitlint checks before commits are allowed. This makes it a complementary tool rather than a direct alternative.
Load shared commitlint configuration
npm install --save-dev @commitlint/load
const load = require('@commitlint/load').default;
load({extends: ['./package']}).then((config) => console.log(config));
// => { extends: ['./package', './package-b'], rules: {} }
Consult docs/api for comprehensive documentation.
FAQs
Load shared commitlint configuration
The npm package @commitlint/load receives a total of 3,050,903 weekly downloads. As such, @commitlint/load popularity was classified as popular.
We found that @commitlint/load demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.
Security News
Sonar’s acquisition of Tidelift highlights a growing industry shift toward sustainable open source funding, addressing maintainer burnout and critical software dependencies.