Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

@envsa/repo-config

Package Overview
Dependencies
Maintainers
0
Versions
35
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@envsa/repo-config

Repository configuration and GitHub workflows for @envsa/shared-config.

  • 8.0.3
  • Source
  • npm
  • Socket score

Version published
Weekly downloads
41
decreased by-88.39%
Maintainers
0
Weekly downloads
 
Created
Source

@envsa/repo-config

NPM Package @envsa/repo-config License: MIT

Repository configuration and GitHub workflows for @envsa/shared-config.

Overview

It's a pnpm-flavored shared config with some essential files for a fresh repo.

This includes the following:

  • .npmrc with hoisting patterns for shared-config tool access
  • .gitignore with typical patterns
  • .editorconfig for basic code style settings
  • .vscode extension recommendations (additional settings and recommendations come from other shared-config packages)
  • .github folder with workflows:
    • github-release.yml Automates turning turning vX.X.X tags on main into GitHub releases with changelogs
    • sync-metadata.yml Populates GitHub repo metadata from package.json

In order to work around some hoisting issues related to plugin resolution in the other @envsa/shared-config packages, it's critical that it is applied before any other @envsa/shared-config packages are installed.

See @envsa/shared-config for the recommended single-package approach.

Setup

Run-once approach

If you just need to set up your .npmrc in anticipation of installing another shared config, you can run the script via dlx to copy the .npmrc to your home folder:

pnpm dlx @envsa/repo-config --init

Installation approach

Optionally, you can install the package if you think you'll ever want to regenerate the repo config files.

  1. Add the package:

    pnpm add -D @envsa/repo-config
    
  2. If / when you need to regenerate the repo config files, you can run the bundled script:

    pnpm exec repo-config --init
    

GitHub Configuration

There are two options for authenticating the release workflow action:

GitHub Token
  1. Ensure that read / write permissions are set for actions on the repository under Settings → Actions → General → Workflow permissions.
Personal Access token

If you want releases to come from your account instead of github_actions, then:

  1. Create a fine-grained personal access token in your GitHub account with the following permissions:

    PermissionAccess
    AdministrationRead and write
    ContentsRead and write
    MetadataRead-only
  2. Add the token as a secret to the repository under the key PERSONAL_ACCESS_TOKEN.

GitHub Actions

Note: Action dependencies have been forked.

OriginalForkModifications
bullrich/generate-release-changelogkitschpatrol/github-action-release-changelog
softprops/action-gh-releasekitschpatrol/github-action-release
kbrashears5/github-action-repo-synckitschpatrol/github-action-repo-sync

Usage

CLI

Command: repo-config

Repository configuration and GitHub workflows for @envsa/shared-config.

Usage:

repo-config [<file|glob> ...]
OptionArgumentDescription
--init
-i
Initialize by copying starter config files to your project root.
--print-config
-p
<path>Print the effective configuration at a certain path.
--help
-h
Print this help info.
--version
-v
Print the package version.

Credits

Eric Mika is the author of the original @kitschpatrol/shared-config project on which this is based.

License

MIT © Liam Rella

Keywords

FAQs

Package last updated on 13 Nov 2024

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc