Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
@jsdocs-io/extractor
Advanced tools
Changelog
[0.4.0] - 2022-08-15
Readme
This package downloads npm packages and extracts their public API.
Using npm
:
npm i @jsdocs-io/extractor
Using yarn
:
yarn add @jsdocs-io/extractor
Analyze the latest version of the query-registry
package from the npm registry:
Warning: analyzing packages is a blocking operation that requires some time (even seconds) to finish! Using a worker pool is recommended.
import { analyzeRegistryPackage } from '@jsdocs-io/extractor';
(async () => {
const info = await analyzeRegistryPackage({ name: 'query-registry' });
// Output: 'query-registry'
console.log(info.manifest.name);
// Output: 'string'
console.log(typeof info.api?.overview);
})();
Debug messages are available when the DEBUG
environment variable is set to @jsdocs-io/extractor
:
DEBUG="@jsdocs-io/extractor"
For more information, see the debug package.
AGPL-3.0-or-later
Copyright (C) 2021 Edoardo Scibona
This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License along with this program. If not, see https://www.gnu.org/licenses/.
FAQs
Analyze and extract the API from npm packages
The npm package @jsdocs-io/extractor receives a total of 160 weekly downloads. As such, @jsdocs-io/extractor popularity was classified as not popular.
We found that @jsdocs-io/extractor demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.