Socket
Socket
Sign inDemoInstall

@nuskin/cart-sdk

Package Overview
Dependencies
2
Maintainers
5
Versions
36
Alerts
File Explorer

Advanced tools

Install Socket

Detect and block malicious and high-risk dependencies

Install

@nuskin/cart-sdk


Version published
Weekly downloads
271
increased by69.38%
Maintainers
5
Created
Weekly downloads
 

Readme

Source

NPM Library Template

This template is for creating NPM module libraries


What this template does for you

  • Provides a .gitlab-ci.yml to manage the CI/CD pipeline
  • Runs your Unit Tests with every push to the remote repository
  • Analyzes your code with:
    • linting rules
    • run a SAST check
    • Pushes your code coverage analysis to SonarQube
  • Ensures your code passes the SonarQube Quality Gate
  • Utilizes Semantic Release, which means the pipeline will handle versioning
  • Publishes your module to npmjs

Follow these steps to create a new project using this template:

1. Clone this project to your local machine and remove the git control file

Note: We use 'my-project' as the name of your new project

git clone git@code.tls.nuskin.io:ns-am/templates/npm-library-template.git <my-project>
cd <my-project>
rm -rf .git
2. Create your new project in Gitlab
  1. In the appropriate sub-group select "New project"
  2. Name your project
  3. Select a project description (optional)
  4. Select "Create project"
3. Connect your local project to the gitlab remote project

You can copy and paste the section in the gitlab command line instructions of your new project into the command line of your local project. It will look like the following but will have your project specific details.

cd <your project folder if you are not already there>
git init
git remote add origin <your gitlab project url>
git add .
git commit -m "Chore: Initial commit"
git push -u origin master
4. Add rules to your new project repository
  • Under Settings Select Repository
    • Select Push Rules (See Sample)
      1. Check Do not allow users to remove git tags with git push
    • Click on Expand in the Protected Branches section (See Sample)
      • master should already be set as your default branch. For master do the following:
        1. Set Allowed to merge to Developers + Maintainers
        2. Set Allowed to push to Maintainers
        3. Set Code owner approval to Off
5. Update your new project with your project specific settings and information
  1. Replace the README.md with a proper readme that will be displayed on npmjs (See Sample)
  2. Update these settings in your package.json
  • Note: All module names should be created in the @nuskin namespace.
{
  "name": "@nuskin/npm-library-template",
  "description": "The description that will amaze and astound your audience when they read it",
  "repository": {
    "type": "git",
    "url": "git@code.tls.nuskin.io:ns-am/templates/npm-library-template.git"
  },
  "author": "Ian Harisay <imharisa@nuskin.com>",
  "homepage": "https://code.tls.nuskin.io/ns-am/templates/npm-library-template/blob/master/README.md"
}
6. Determine if your module should be public or private

If your module should be public and published to npmjs.com, nothing needs to be done. This is the default behavior. If you need to publish to the private npm repository nexus3.nuskin.net, inside gitlab-ci.yml update PRIVATE_NPM to true

variables:
  PRIVATE_NPM: "true"
7. Turning on your CI/CD pipeline

Once you are ready for your project to start running the CI/CD pipeline, you should rename the gitlab-ci.yml to .gitlab-ci.yml.

git mv gitlab-ci.yml .gitlab-ci.yml
git commit -am"Chore: renaming gitlab-ci.yml to .gitlab-ci.yml so my pipeline runs"
git push

TODO: Write documentation about Semantic Release (don't forget prereleases)

How to use Semantic Release in your pipeline

Link to another page or write up instructions on how Semantic Release works with the pipeline

eslint commit-analyzer rules.

FAQs

Last updated on 17 Apr 2024

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap

Packages

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc