Security News
New Python Packaging Proposal Aims to Solve Phantom Dependency Problem with SBOMs
PEP 770 proposes adding SBOM support to Python packages to improve transparency and catch hidden non-Python dependencies that security tools often miss.
@nrwl/devkit
Advanced tools
The Nx Devkit is used to customize Nx for different technologies and use cases. It contains many utility functions for reading and writing files, updating configuration, working with Abstract Syntax Trees(ASTs), and more.
The @nrwl/devkit package is a set of utilities designed to improve the developer experience by providing tools for building, testing, and managing Angular and React projects within a monorepo setup. It is part of the Nx ecosystem, which focuses on bringing a unified approach to working with modern web technologies.
Generating Components
This feature allows developers to programmatically generate components or other files within their project. The code sample demonstrates how to use the `generateFiles` function to create a new component in a library within the monorepo.
import { generateFiles } from '@nrwl/devkit';
function generateMyComponent(tree, schema) {
generateFiles(tree, path.join(__dirname, './files'), '/libs/mylib/src/lib', {
tmpl: '',
name: schema.name
});
}
Updating JSON Configuration
This feature provides a straightforward way to update JSON files, such as `tsconfig.json` or `.eslintrc.json`, programmatically. The code sample shows how to modify the `tsconfig.base.json` to add a new path mapping for a library.
import { updateJson } from '@nrwl/devkit';
function updateTsConfig(tree) {
updateJson(tree, 'tsconfig.base.json', (json) => {
json.compilerOptions.paths['@myorg/mylib'] = ['libs/mylib/src/index.ts'];
return json;
});
}
Executing Schematic Tasks
This feature enables developers to execute tasks such as adding project configurations or formatting files. The code sample illustrates how to add a new library configuration to the workspace and then format all files according to the workspace's prettier or eslint configurations.
import { addProjectConfiguration, Tree, formatFiles } from '@nrwl/devkit';
function addMyLib(tree: Tree) {
addProjectConfiguration(tree, 'my-lib', {
root: './libs/my-lib',
projectType: 'library',
targets: {},
});
formatFiles(tree);
}
Lerna is a tool for managing JavaScript projects with multiple packages, similar to the Nx workspace concept. While Lerna focuses on multi-package repositories (monorepos), it does not provide the same level of integration for Angular and React projects or the same developer tools and utilities as @nrwl/devkit.
Yeoman is a generic scaffolding system allowing the creation of any kind of app. It provides generators for a wide variety of applications and frameworks. Compared to @nrwl/devkit, Yeoman is more flexible but lacks the specific optimizations and integrations for Angular and React projects within a monorepo setup.
Nx is a next generation build system with first class monorepo support and powerful integrations.
This package contains a set of utilities for creating Nx plugins.
Using npx
npx create-nx-workspace
Using npm init
npm init nx-workspace
Using yarn create
yarn create nx-workspace
Run:
npx nx@latest init
FAQs
The Nx Devkit is used to customize Nx for different technologies and use cases. It contains many utility functions for reading and writing files, updating configuration, working with Abstract Syntax Trees(ASTs), and more. Learn more about [extending Nx by
The npm package @nrwl/devkit receives a total of 1,202,387 weekly downloads. As such, @nrwl/devkit popularity was classified as popular.
We found that @nrwl/devkit demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 7 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
PEP 770 proposes adding SBOM support to Python packages to improve transparency and catch hidden non-Python dependencies that security tools often miss.
Security News
Socket CEO Feross Aboukhadijeh discusses open source security challenges, including zero-day attacks and supply chain risks, on the Cyber Security Council podcast.
Security News
Research
Socket researchers uncover how threat actors weaponize Out-of-Band Application Security Testing (OAST) techniques across the npm, PyPI, and RubyGems ecosystems to exfiltrate sensitive data.