
@irrigable/core
Streams API on top of gulp, connecting various build tools.
The project is in an early alpha: there are no tests and the interface is unstable. Stay tuned for updates.
Irrigable is not designed to replace things; it aims to combine existing build tools in a uniform way. Its API is heavily inspired by gulp and its stream design. Instead of providing one big config, irrigable aims to separate it into smaller, more easily manageable chunks. Irrigable itself is already a transform stream one can write to. Configs can be organized as a tree-like structure, so if an input is attached it can also bubble up to one of its ancestors.
One of the biggest problems in gulp is tracking dependencies of sub-resources, and configs written in ES7 or TypeScript are not supported out of the box.
On the other hand, webpack and rollup have a hard time providing code splitting and external resources like CSS or images. Using import on these resources is not forward compatible and most likely never will be.
```shell
npm i -D @irrigable/core
```
All options are optional, most will use the parent node value as fallback.
```js
{
  cwd : String = parent.cwd || process.cwd(),
  base : String = parent.base || ".",
  writeBase : String = parent.writeBase || ".",
  env : String | Array<String> = parent.env,
  extend : Boolean = true,
  last : Boolean = true,
  break : Boolean = true,
  fork : Boolean = false,
  traverse : Function | defaultHandler,
  filter : GlobString | Array<GlobString>,
  micromatch : Object,
  contents : Boolean = true,
  cache : Object = parent.cache,
  split : Boolean = parent.split || true,
  watch : Boolean = parent.watch || false,
  error : Function = parent.error || console.warn,
  sourcemap : Boolean = parent.sourcemap || false,
  providers : Array<String | Invocable | instanceof ReadableStream> = [],
  pipecompose : Function | defaultHandler,
  inputs : Input | Array<Input> = [],
  pipline : Array<Invocable> = [],
  outputs : Invocable | Array<Invocable> = null,
  tasks : Object<String, Node> = {},
  complete : Function = noop,
  rules : Array<Node> = [],
  nodes : Array<Node> = []
}
```
- `cwd`: absolute path to the current working directory, defaulting to process.cwd(). This is useful if you are using irrigable as a service or integrating it with other task runners.
- `base`: relative path prepended to the glob; it is ignored for vinyl.dest paths.
- `writeBase`: relative path appended to the output paths.
- `env`: offers a way of filtering based on your target environment; values can also be combined (e.g. ["development", "nodejs"]).
- `inputs`: these streams will bubble up the tree trying to match one or more nodes. Inputs receive the stream that issued the transformation as their last argument. An Input has the following shape:

```js
{
  task : String,
  last : Boolean,
  glob : String,
  pipline : Array<Invocable>,
  outputs : Invocable | Array<Invocable>,
  complete : Function | noop,
  sync : Function | noop,
}
```
Invocables make internal diffing and hashing more reliable. An Invocable is either a function or an object of the following shape:

```js
function
| {
  [construct | invoke] : String | Function,
  args : Object | Array<Object>
}
```

If the option is a function itself, invocation should be handled inside it, and the returned function should contain at least one property that can be used for diffing future updates. If invoke or construct is a String, the given module will be required and should export a function.
The CLI will write a new config to the root stream, with the following options possible:
| short | long |
|---|---|
| -p | --providers |
| -w | --watch |
| -i | --inputs |
| -o | --outputs |
| -v | --verbose |
With providers you can add sub-configs.

ArrayProvider(array): pushes an array of configs to the node; this will not watch for changes.

- `array`: values that should get emitted

```js
const ArrayProvider = require("@aboutweb/irrigable/provider/array.js");
new ArrayProvider([
  { inputs : ["./some.config"] }
]);
```

ImportProvider(options, parent): finds all matching files, builds them using rollup, executes them inline and emits their module.exports. This will also watch for changes.

```js
options : {
  glob : GlobString | Array<GlobString>,
  cwd : String = parent.cwd || process.cwd(),
  base : String = parent.base || ".",
  watch : Boolean = parent.watch || false,
  error : Function = parent.error || console.warn,
  pipeline : Array<Invocable> = [],
},
```

- `parent : Object = {}`: the node that invoked the provider
```js
const irrigable = require("@aboutweb/irrigable");
const ImportProvider = require("@aboutweb/irrigable/provider/import.js");
const node = irrigable.addNode({
  providers : [{
    construct : ImportProvider,
    args : {
      glob : ["./**/build.js"]
    }
  }]
});
// shorthand
const short = irrigable.addNode({
  providers : ["./**/build.js"]
});
```
License: ISC
We found that @irrigable/core demonstrated an unhealthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.