Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@pigeon-posse/pkg-extended-scripts
Advanced tools
:warning: This package is still in beta version. It can be installed and used but things may change in the future.
List all your scripts in a separate file to the package.json
Separate the package.json scripts to another file and run them with the pes
or pkg-extended-scripts
command
npm install @pigeon-posse/pkg-extended-scripts
package.scripts.json
, you can use the extensions .js
or .yml
and yaml
.package.scripts.json
{
"hello" : "echo 'Hello pigeon 🐦🌈'"
}
pes
or pkg-extended-scripts
commandsThat's it, now you can list all your scripts in a separate file to the package.json
If you use the package it may be good practice to leave a scripts in the package.json that indicates that the scripts are in a separate file. For example:
package.json
{
"scripts" : {
"ext-scripts": "npx pes"
}
}
You can contribute via Github
Help us to develop more interesting things.
This software is licensed with GPLv3 (GNU GENERAL PUBLIC LICENSE Version 3)
PigeonPosse is a ✨ code development collective ✨ focused on creating practical and interesting tools that help developers and users enjoy a more agile and comfortable experience. Our projects cover various programming sectors and we do not have a thematic limitation in terms of projects.
Name | Role | GitHub | |
---|---|---|---|
AngelEspejo | Author | @AngelEspejo | |
PigeonPosse | Collective | @PigeonPosse |
FAQs
Separate scripts from package.json
The npm package @pigeon-posse/pkg-extended-scripts receives a total of 0 weekly downloads. As such, @pigeon-posse/pkg-extended-scripts popularity was classified as not popular.
We found that @pigeon-posse/pkg-extended-scripts demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.