Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
@contentful/app-scripts
Advanced tools
@contentful/app-scripts
This project makes easy to perform some recurrent operations in Contentful's App Framework.
Locally:
npm i --save @contentful/app-scripts
Globally:
npm i -g @contentful/app-scripts
When installed
$ contentful-app-scripts create-app-definition
Otherwise
$ npx --no-install @contentful/app-scripts create-app-definition
// my-script.js
const { createAppDefinition } = require('@contentful/app-scripts')
const { myCustomLogic } = require('./my-custom-logic')
(async function main() {
myCustomLogic();
await createAppDefinition.interactive()
})()
Scripts exported from this module will all be in the following shape
interface Script<Result, Options> {
// query the user or local cache for required information
interactive: () => Result;
// run by automation (`--ci` flag), they would need all the information upfront
nonInteractive: (...options: Options) => Result;
}
:warning: Please note
Both interactive and nonInteractive version of the same script is meant to return the same result.
Allows creating a new AppDefinition provided a Content Management Token (more details here).
It only runs in interactive mode.
Example
$ npx --no-install @contentful/app-scripts create-app-definition
Allows you to upload a build directory and create a new AppBundle that is bound to an AppDefinition. It runs in interactive or non-interactive mode
Note: The command will automatically activate the bundle. To skip the activation you can pass the --skip-activation
argument in interactive and non-interactive mode and then manually activate it
In the interactive mode, the CLI will ask for all required options
Example
$ npx --no-install @contentful/app-scripts upload
When passing the --ci
argument the command will fail when the required variables are not set as arguments.
Example
$ npx --no-install @contentful/app-scripts upload --ci \ --bundle-dir ./built \ --organization-id some-org-id \ --definition-id some-app-def-id \ --token $MY_CONTENTFUL_PAT
Options:
Argument | Description |
---|---|
--bundle-dir | The directory of your build folder (e.g.: ./build ) |
--organization-id | The ID of your organisation |
--definition-id | The ID of the app to which to add the bundle |
--token | A personal access token |
--skip-activation | (optional) Boolean flag to skip the automatic activation of the AppBundle |
Note: You can also pass all arguments in interactive mode to skip being asked for it.
Allows you to activate an AppBundle for an AppDefinition. When activated the app will serve the newly activated AppBundle.
In the interactive mode, the CLI will ask for all required options
Example
$ npx --no-install @contentful/app-scripts activate
When passing the --ci
argument adding all variables as arguments is required
Example
$ npx --no-install @contentful/app-scripts activate --ci \ --bundle-id some-bundle-id \ --organization-id some-org-id \ --definition-id some-app-def-id \ --token $MY_CONTENTFUL_PAT
Options:
Argument | Description |
---|---|
--bundle-id | The ID of the AppBundle you want to activate |
--organization-id | The ID of your organisation |
--definition-id | The ID of the app to which to add the bundle |
--token | A personal access token |
Note: You can also pass all arguments in interactive mode to skip being asked for it.
FAQs
A collection of scripts for building Contentful Apps
The npm package @contentful/app-scripts receives a total of 9,456 weekly downloads. As such, @contentful/app-scripts popularity was classified as popular.
We found that @contentful/app-scripts demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.