Security News
RubyGems.org Adds New Maintainer Role
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
@gasket/resolve
Advanced tools
Essential module resolution & configuration management for gasket plugins & presets.
Essential module resolution and configuration management for Gasket plugins and presets.
npm i @gasket/resolve
Plugins and presets should adhere to the project-type prefixed naming
convention. This formatting allows user plugins to be referenced with short
names and will help avoid collisions. This convention also mimics those by other
projects such a @babel
and @oclif
.
scope | format | short | description |
---|---|---|---|
project | @gasket/plugin-<name> | @gasket/<name> | Official Gasket project plugin |
user | @<scope>/gasket-plugin-<name> | @<scope>/<name> | Any user plugins with a scope |
none | gasket-plugin-<name> | <name> | Any user plugins with no scope |
scope | format | short | description |
---|---|---|---|
project | @gasket/preset-<name> | @gasket/<name> | Official Gasket project preset |
user | @<scope>/gasket-preset-<name> | @<scope>/<name> | Any user presets with a scope |
none | gasket-preset-<name> | <name> | Any user presets with no scope |
To soften the transition of existing apps and plugins using the older postfixed
format, the loader supports fallbacks for short names to postfixed format, and
then to the @gasket
scope. For example, if a short name of example
is used,
the package lookup order would be as follows:
example --> gasket-plugin-example --> example-gasket-plugin --> gasket/plugin-example --> gasket/example-plugin
For project and user scoped short names, the loader will fall-back to postfixed
format as well. For example, if the short name @user/example
is used:
@user/example --> @user/plugin-example --> @user/example-plugin
Use with caution, and don't rely on it. Consider this behavior deprecated,
which will be removed in a future major release. Short names without the
@gasket
scope should be presumed to resolve to the gasket-plugin-<name>
format.
There are util functions for creating objects for working with different parts of package identifiers for plugins and presets.
const { pluginIdentifier } = require('@gasket/resolve');
// if given a raw name as full package name with version...
let identifier = pluginIdentifier('@gasket/plugin-example@^1.2.0');
console.log(identifier.longName); // @gasket/plugin-example
console.log(identifier.shortName); // @gasket/example
console.log(identifier.version); // ^1.2.0
// if given a raw name as short name...
identifier = pluginIdentifier('@gasket/example');
console.log(identifier.longName); // @gasket/plugin-example
console.log(identifier.shortName); // @gasket/example
console.log(identifier.version); // null
See the API docs for more details on the pluginIdentifier and presetIdentifier util functions.
While this package is mostly intended for gasket project internals, if a plugin
does need to load or resolve modules, a configured Loader instance is
available as gasket.loader
from the engine instance passed as the first
argument to all lifecycle hooks.
// @my/gasket-plugin-example.js
module.exports = {
hooks: {
someLifecycleHook: async function (gasket) {
const moduleInfo = await gasket.loader.loadModule('@some/package');
const module = gasket.loader.tryRequire('some-other-package');
}
}
}
FAQs
Essential module resolution & configuration management for gasket plugins & presets.
The npm package @gasket/resolve receives a total of 48 weekly downloads. As such, @gasket/resolve popularity was classified as not popular.
We found that @gasket/resolve demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.
Security News
Research
Socket's threat research team has detected five malicious npm packages targeting Roblox developers, deploying malware to steal credentials and personal data.