Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
@guardian/libs
Advanced tools
@guardian/libs
A collection of JavaScript libraries for Guardian projects
The following modules are available:
getLocale
Get the user’s current location.
isString
Check whether a value is a string.
isUndefined
Check whether a value is undefined
.
loadScript
Inject an external JavaScript file.
storage
Robust API over localStorage
and sessionStorage
.
yarn add @guardian/libs
or
npm install @guardian/libs
then
import { loadScript, storage, ...etc } from '@guardian/libs';
or
<script src="https://unpkg.com/@guardian/libs"></script>
<script>
// window.gu.libs = { loadScript, storage, ...etc }
</script>
This package uses ES2020
.
If your target environment does not support that, make sure you transpile this package when bundling your application.
Changes are automatically released to NPM.
The main
branch on GitHub is analysed by semantic-release after every push.
If a commit message follows the conventional commit format, semantic-release can determine what Types of changes are included in that commit.
If necessary, it will then automatically release a new, semver-compliant version of the package to NPM.
Try to write PR titles in the conventional commit format, and squash and merge when merging. That way your PR will trigger a release when you merge it (if necessary).
FAQs
A collection of JavaScript libraries and TypeScript types for Guardian projects
The npm package @guardian/libs receives a total of 1,713 weekly downloads. As such, @guardian/libs popularity was classified as popular.
We found that @guardian/libs demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 6 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.