Security News
New Python Packaging Proposal Aims to Solve Phantom Dependency Problem with SBOMs
PEP 770 proposes adding SBOM support to Python packages to improve transparency and catch hidden non-Python dependencies that security tools often miss.
@contentful/app-scripts
Advanced tools
@contentful/app-scripts
This project makes easy to perform some recurrent operations in Contentful's App Framework.
Locally:
npm i --save @contentful/app-scripts
Globally:
npm i -g @contentful/app-scripts
When installed
$ contentful-app-scripts create-app-definition
Otherwise
$ npx --no-install @contentful/app-scripts create-app-definition
// my-script.js
const { createAppDefinition } = require('@contentful/app-scripts')
const { myCustomLogic } = require('./my-custom-logic')
(async function main() {
myCustomLogic();
await createAppDefinition.interactive()
})()
Scripts exported from this module will all be in the following shape
interface Script<Result, Options> {
// query the user or local cache for required information
interactive: () => Result;
// run by automation (`--ci` flag), they would need all the information upfront
nonInteractive: (...options: Options) => Result;
}
:warning: Please note
Both interactive and nonInteractive version of the same script is meant to return the same result.
Allows creating a new AppDefinition provided a Content Management Token (more details here).
It only runs in interactive mode.
Example
$ npx --no-install @contentful/app-scripts create-app-definition
Allows you to upload a build directory and create a new AppBundle that is bound to an AppDefinition. It runs in interactive or non-interactive mode
Note: The command will automatically activate the bundle. To skip the activation you can pass the --skip-activation
argument in interactive and non-interactive mode and then manually activate it
In the interactive mode, the CLI will ask for all required options
Example
$ npx --no-install @contentful/app-scripts upload
When passing the --ci
argument the command will fail when the required variables are not set as arguments.
Example
$ npx --no-install @contentful/app-scripts upload --ci \ --bundle-dir ./built \ --organization-id some-org-id \ --definition-id some-app-def-id \ --token $MY_CONTENTFUL_PAT
Options:
Argument | Description |
---|---|
--bundle-dir | The directory of your build folder (e.g.: ./build ) |
--organization-id | The ID of your organisation |
--definition-id | The ID of the app to which to add the bundle |
--token | A personal access token |
--skip-activation | (optional) Boolean flag to skip the automatic activation of the AppBundle |
Note: You can also pass all arguments in interactive mode to skip being asked for it.
Allows you to activate an AppBundle for an AppDefinition. When activated the app will serve the newly activated AppBundle.
In the interactive mode, the CLI will ask for all required options
Example
$ npx --no-install @contentful/app-scripts activate
When passing the --ci
argument adding all variables as arguments is required
Example
$ npx --no-install @contentful/app-scripts activate --ci \ --bundle-id some-bundle-id \ --organization-id some-org-id \ --definition-id some-app-def-id \ --token $MY_CONTENTFUL_PAT
Options:
Argument | Description |
---|---|
--bundle-id | The ID of the AppBundle you want to activate |
--organization-id | The ID of your organisation |
--definition-id | The ID of the app to which to add the bundle |
--token | A personal access token |
Note: You can also pass all arguments in interactive mode to skip being asked for it.
FAQs
A collection of scripts for building Contentful Apps
We found that @contentful/app-scripts demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
PEP 770 proposes adding SBOM support to Python packages to improve transparency and catch hidden non-Python dependencies that security tools often miss.
Security News
Socket CEO Feross Aboukhadijeh discusses open source security challenges, including zero-day attacks and supply chain risks, on the Cyber Security Council podcast.
Security News
Research
Socket researchers uncover how threat actors weaponize Out-of-Band Application Security Testing (OAST) techniques across the npm, PyPI, and RubyGems ecosystems to exfiltrate sensitive data.