Security News
PyPI’s New Archival Feature Closes a Major Security Gap
PyPI now allows maintainers to archive projects, improving security and helping users make informed decisions about their dependencies.
By Sarah Gooding - Jan 30, 2025
New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
@iadvize-oss/hello-world
Advanced tools
hello-world-javascript-library
This is a repo template for other javascript oss libraries at iAdvize. Use it for your new library to have a repository set up with lint, test and usefull github workflows.
Features
Continuous integration
Runs lint, test and build on every commit.
Continuous delivery
Publish canary versions of the library for pull requests. Publish latest version once a pull request is merged on master.
Automatic version bump
Flag your pull requests with patch, minor, major to increment the version
of your package or with no-release otherwise.
Automatic changelog bump
Simply complete the Unreleased section of the changelog in your pull request.
It will be update to the new version once merge.
Automatic release creation
Github releases are created automatically on a new version, using the corresponding part of the changelog as content.
Automatic rebase and merge
Flagging a pull request with the keep-rebased-then-merge flag with keep it
rebased until it can me merged.
[0.0.23]
Added
- fake data
Keywords
FAQs
Say hello
The npm package @iadvize-oss/hello-world receives a total of 23 weekly downloads. As such, @iadvize-oss/hello-world popularity was classified as not popular.
We found that @iadvize-oss/hello-world demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 12 open source maintainers collaborating on the project.
Package last updated on 28 Jan 2020
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Security News
North Korean APT Lazarus Targets Developers with Malicious npm Package
Malicious npm package postcss-optimizer delivers BeaverTail malware, targeting developer systems; similarities to past campaigns suggest a North Korean connection.
By Kirill Boychenko, Peter van der Zee - Jan 29, 2025
Security News
CISA Brings KEV Data to GitHub
CISA's KEV data is now on GitHub, offering easier access, API integration, commit history tracking, and automated updates for security teams and researchers.
By Sarah Gooding - Jan 29, 2025