Security News
Cloudflare Adds Security.txt Setup Wizard
Cloudflare has launched a setup wizard allowing users to easily create and manage a security.txt file for vulnerability disclosure on their websites.
@definitelytyped/perf
Advanced tools
Performance measuring utilities for [DefinitelyTyped](https://github.com/DefinitelyTyped/DefinitelyTyped).
Performance measuring utilities for DefinitelyTyped.
This is not currently designed for public consumption, so docs, tests, and usage help are very light. The utility is used only in Azure Pipelines for DefinitelyTyped and TypeScript. There are three main functions that run in CI:
getPackagesToBenchmark
queries the Cosmos DB instance to see what packages need to be benchmarked, then generates a file specifying what to run. In another phase, a large number of build agents read that file with the benchmark
entrypoint and benchmark the packages in parallel. After a new TypeScript release, it takes several weeks of running this nightly to cover all of DefinitelyTyped.master
. Then, benchmark the PR, and compare. Post the summary of the results in a comment on the PR. This is done with the compare
CLI entrypoint.typescript@master
, and compare. This is done with the compareTypeScript
CLI entrypoint. Results are uploaded to the typeScriptComparisons
collection in the database.The package registers a bin
called definitely-not-slow
upon installation:
npx definitely-not-slow compare --package react/v16 --upload false
This utility isn’t published to npm; rather, a GitHub workflow produces branches that include the compiled code:
npm install github:andrewbranch/definitely-not-slow#production # Published on every tag
npm install github:andrewbranch/definitely-not-slow#beta # Published on every push to master
It can be useful to queue a Pipelines build manually against a real DefinitelyTyped PR with the variables COMMENT=false
and DNS_VERSION=beta
(definitely-not-slow—bad acronym, sorry) to test changes to definitely-not-slow on real code.
FAQs
Performance measuring utilities for [DefinitelyTyped](https://github.com/DefinitelyTyped/DefinitelyTyped).
We found that @definitelytyped/perf demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 7 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Cloudflare has launched a setup wizard allowing users to easily create and manage a security.txt file for vulnerability disclosure on their websites.
Security News
The Socket Research team breaks down a malicious npm package targeting the legitimate DOMPurify library. It uses obfuscated code to hide that it is exfiltrating browser and crypto wallet data.
Security News
ENISA’s 2024 report highlights the EU’s top cybersecurity threats, including rising DDoS attacks, ransomware, supply chain vulnerabilities, and weaponized AI.