Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
@lmc-eu/spirit-codemods
Advanced tools
Codemods for migration to the newer version of the Spirit Design library.
spirit-codemods
is a CLI tool designed to assist you in migrating to the latest version of our Spirit Design System library. This tool efficiently handles the removal of breaking changes and deprecations with simple commands.
For React transformations, it utilizes the jscodeshift library.
No installation of this package is necessary; you can run it using npx
.
To view the available arguments for this package, use -h
or --help
as shown in the example below:
npx @lmc-eu/spirit-codemods -h
There are two mandatory arguments: -p
/--path
and -t
/--transformation
.
The former specifies the directory path where you want to execute transforms, while the latter specifies the desired codemod to run.
npx @lmc-eu/spirit-codemods -p ./ -t v2/web-react/<codemod-name>
Other optional arguments include:
-v
/--version
- Displays current version-h
/--help
- Displays this message-e
/--extensions
- Extensions of the transformed files, default: ts,tsx,js,jsx
--parser
- Parser to use (babel, ts, tsx, flow), default: tsx
--ignore
- Ignore files or directories, default: **/node_modules/**
For example, this could be the command you will run:
npx @lmc-eu/spirit-codemods -p ./src -t v2/web-react/fileuploader-prop-names -e js,jsx --parser babel
FAQs
Codemods scripts for Spirit Design System packages
The npm package @lmc-eu/spirit-codemods receives a total of 2 weekly downloads. As such, @lmc-eu/spirit-codemods popularity was classified as not popular.
We found that @lmc-eu/spirit-codemods demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.