Sign inDemoInstall


Package Overview
File Explorer

Advanced tools

Install Socket

Detect and block malicious and high-risk dependencies



Version published
Weekly downloads
increased by69.38%
Weekly downloads



NPM Library Template

This template is for creating NPM module libraries

What this template does for you

  • Provides a .gitlab-ci.yml to manage the CI/CD pipeline
  • Runs your Unit Tests with every push to the remote repository
  • Analyzes your code with:
    • linting rules
    • run a SAST check
    • Pushes your code coverage analysis to SonarQube
  • Ensures your code passes the SonarQube Quality Gate
  • Utilizes Semantic Release, which means the pipeline will handle versioning
  • Publishes your module to npmjs

Follow these steps to create a new project using this template:

1. Clone this project to your local machine and remove the git control file

Note: We use 'my-project' as the name of your new project

git clone <my-project>
cd <my-project>
rm -rf .git
2. Create your new project in Gitlab
  1. In the appropriate sub-group select "New project"
  2. Name your project
  3. Select a project description (optional)
  4. Select "Create project"
3. Connect your local project to the gitlab remote project

You can copy and paste the section in the gitlab command line instructions of your new project into the command line of your local project. It will look like the following but will have your project specific details.

cd <your project folder if you are not already there>
git init
git remote add origin <your gitlab project url>
git add .
git commit -m "Chore: Initial commit"
git push -u origin master
4. Add rules to your new project repository
  • Under Settings Select Repository
    • Select Push Rules (See Sample)
      1. Check Do not allow users to remove git tags with git push
    • Click on Expand in the Protected Branches section (See Sample)
      • master should already be set as your default branch. For master do the following:
        1. Set Allowed to merge to Developers + Maintainers
        2. Set Allowed to push to Maintainers
        3. Set Code owner approval to Off
5. Update your new project with your project specific settings and information
  1. Replace the with a proper readme that will be displayed on npmjs (See Sample)
  2. Update these settings in your package.json
  • Note: All module names should be created in the @nuskin namespace.
  "name": "@nuskin/npm-library-template",
  "description": "The description that will amaze and astound your audience when they read it",
  "repository": {
    "type": "git",
    "url": ""
  "author": "Ian Harisay <>",
  "homepage": ""
6. Determine if your module should be public or private

If your module should be public and published to, nothing needs to be done. This is the default behavior. If you need to publish to the private npm repository, inside gitlab-ci.yml update PRIVATE_NPM to true

  PRIVATE_NPM: "true"
7. Turning on your CI/CD pipeline

Once you are ready for your project to start running the CI/CD pipeline, you should rename the gitlab-ci.yml to .gitlab-ci.yml.

git mv gitlab-ci.yml .gitlab-ci.yml
git commit -am"Chore: renaming gitlab-ci.yml to .gitlab-ci.yml so my pipeline runs"
git push

TODO: Write documentation about Semantic Release (don't forget prereleases)

How to use Semantic Release in your pipeline

Link to another page or write up instructions on how Semantic Release works with the pipeline

eslint commit-analyzer rules.


Last updated on 17 Apr 2024

Did you know?


Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.


Related posts

SocketSocket SOC 2 Logo


  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap


Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc