Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
@iopipe/scripts
Advanced tools
Scripts for IOpipe projects
This module is distributed via [npm][npm] which is bundled with [node][node] and
should be installed as one of your project's devDependencies
:
npm install --save-dev iopipe-scripts
This is a CLI and exposes a bin called iopipe-scripts
. I don't really plan on
documenting or testing it super duper well because it's really specific to my
needs. You'll find all available scripts in src/scripts
.
This project actually dogfoods itself. If you look in the package.json
, you'll
find scripts with node src {scriptName}
. This serves as an example of some
of the things you can do with iopipe-scripts
.
Unlike react-scripts
, iopipe-scripts
allows you to specify your own
configuration for things and have that plug directly into the way things work
with iopipe-scripts
. There are various ways that it works, but basically if you
want to have your own config for something, just add the configuration and
iopipe-scripts
will use that instead of it's own internal config. In addition,
iopipe-scripts
exposes its configuration so you can use it and override only
the parts of the config you need to.
This can be a very helpful way to make editor integration work for tools like ESLint which require project-based ESLint configuration to be present to work.
So, if we were to do this for ESLint, you could create an .eslintrc
with the
contents of:
{"extends": "./node_modules/iopipe-scripts/eslint.js"}
Note: for now, you'll have to include an
.eslintignore
in your project until this eslint issue is resolved.
Or, for babel
, a .babelrc
with:
{"presets": ["iopipe-scripts/babel"]}
Or, for jest
:
const { jest: jestConfig } = require('iopipe-scripts/config');
module.exports = Object.assign(jestConfig, {
// your overrides here
});
Note:
iopipe-scripts
intentionally does not merge things for you when you start configuring things to make it less magical and more straightforward. Extending can take place on your terms. I think this is actually a great way to do this.
Thanks to Kent C. Dodds and contributors for the base repository. https://github.com/kentcdodds/kcd-scripts
FAQs
CLI for common scripts for IOpipe projects
The npm package @iopipe/scripts receives a total of 18 weekly downloads. As such, @iopipe/scripts popularity was classified as not popular.
We found that @iopipe/scripts demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 7 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.