Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
@itsjavi/devv
Advanced tools
Readme
devv
is a zero-config Docker-based tool to allow developers running app maintenance scripts inside containers, without writing a single line of Dockerfile. This is useful specially to run command-line tools, you won't need to have your own docker files to do that.
When you run devv [IMAGE] [COMMAND]
in your current directory, it will mount it
as delegated volume, together with some of your $HOME
files(*) and folders needed
to run tasks like git push
, npm publish
, composer install
, etc. which usually require
credentials.
(*) From your $HOME, it only mounts the following (read-only): ~/.npmrc
, ~/.composer/auth.json
, ~/.gitconfig
, ~/.gitignore_global
You can clone this repository and run bin/devv-init
, then you will have to manually config the bin
directory in your $PATH
variable to have devv
available everywhere.
Alternatively, if you have node installed in your OS, you can install it globally with npm
.
npm i -g @itsjavi/devv && \
devv-init
The Docker images are built by you, so you can customize this project to your needs and run devv-init
every time you need.
Node & npm:
node
node:15
node:16
, node:latest
, node
npm
(runs on node:latest
)PHP & composer:
php
php:7
php:7-xdebug
php:8
, php:latest
, php
php:8-xdebug
composer
(runs on php:latest
)Go (planned):
go
go:1.15
go:1.16
go:latest
# Usage template:
devv [LANG]:[VERSION] [COMMAND] [...PARAMETERS]
# Examples:
devv node:16 node --version
devv node npm install
devv npm install
devv php:8 php --ini
devv php composer install
devv composer install
# Running phpunit with code coverage:
devv php:7-xdebug XDEBUG_MODE=coverage vendor/bin/phpunit
FAQs
Zero-config local development dockerization of programming languages and their package managers
We found that @itsjavi/devv demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.