Security News
New Python Packaging Proposal Aims to Solve Phantom Dependency Problem with SBOMs
PEP 770 proposes adding SBOM support to Python packages to improve transparency and catch hidden non-Python dependencies that security tools often miss.
@networkteam/frontend-scripts
Advanced tools
A webpack based workflow to create frontend-assets.
To use this workflow in your projects, install the package with npm or yarn
npm install @networkteam/frontend-scripts
Add BasePackageName and copy the scripts to your package.json:
"basePackageName": "Customer.Base",
"scripts": {
"build": "npm run webpack",
"build:dev": "npm run webpack:dev",
"start": "npm run webpack:watch",
"webpack": "networkteam-asset-build prod --basePackage $npm_package_basePackageName",
"webpack:dev": "networkteam-asset-build dev --basePackage $npm_package_basePackageName",
"webpack:watch": "networkteam-asset-build watch --basePackage $npm_package_basePackageName"
},
Webpack relies on four entry points to generate JS and CSS Assets:
Start the npm task:
npm start // file watcher with hot reload
npm run build:dev // Development build
npm run build // Production build
Note: Webpack generates a JS-File for every entry point including JS-Files. This will be improved in future Versions of webpack
The generated files will be copied to %PROJECTROOT%/Resources/Public/Dist
including the assets used in CSS (e.g. bg-images or fonts). The paths for the CSS Assets are automatically corrected to the new path by webpack.
This workflow automatically provides aliases for an easier import from different folders:
Every SVG-File located in %BASEROOT%/Resources/Private/Iconfont
will be included in an automatically generated Icon-Font. The Font-Files will be stored in %BASEROOT%/Resources/Private/Fonts
and a SCSS-File can be found in %BASEROOT%/Resources/Private/Scss/0_Base/Icons.scss
. This SCSS-File already kincludes the @font-face rules, classes for the icons to add a before-Element with the icojn (.icon-%FILENAME%
) and also a mixin to use the icon on every element (@include icon(%FILENAME%)
).
If you need a special configuration for your Project, you can add a custom webpack.js to your project root. It will be included automatically:
module.exports = function(env, args) {
return {
output: {
path: newOutputPath
}
};
};
By default a modernizr custom build is generated with setclasses
option and can be imported via
import Modernizr from 'modernizr'; // as named import
import 'modernizr'; // direct import
To extend the configuration and add tests and feature detections, create a .modernizrrc
in your Project Root:
module.exports = {
"feature-detects": [
"test/css/flexbox",
"test/es6/promises",
"test/serviceworker"
]
};
FAQs
networkteam asset build scripts
The npm package @networkteam/frontend-scripts receives a total of 27 weekly downloads. As such, @networkteam/frontend-scripts popularity was classified as not popular.
We found that @networkteam/frontend-scripts demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 6 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
PEP 770 proposes adding SBOM support to Python packages to improve transparency and catch hidden non-Python dependencies that security tools often miss.
Security News
Socket CEO Feross Aboukhadijeh discusses open source security challenges, including zero-day attacks and supply chain risks, on the Cyber Security Council podcast.
Security News
Research
Socket researchers uncover how threat actors weaponize Out-of-Band Application Security Testing (OAST) techniques across the npm, PyPI, and RubyGems ecosystems to exfiltrate sensitive data.