Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
@pkgjs/statusboard
Advanced tools
A WIP attempt to centralize all the work being done in a community
of GitHub projects. When you have work spread across multiple repos
and multiple orginizations, it is often hard to track things. This
is what @pkgjs/statusboard
aims to solve.
create
command to setup a new projectWARNING: work in process, the following doesn't work yet, but soon!
The easiest way to create a status board for your project is using Github Pages. To get started, create a new repo for your project and clone it to your development machine. In the new directory run the following:
# Creates a statusboard project
# @TODO make this command actually work as it does not right now
$ npx @pkgjs/statusboard create
# Setup your config in `index.js
# Then commit your work
$ git commit -am "statusboard setup"
# Create an orphan branch for our builds
$ git checkout --orphan gh-pages
# Remove the files we dont need here
$ git rm -rf .
# Create a .nojekyll file, this turns off pesky github pages stuff
$ touch .nojekyll
$ git commit --am "github pages initial commit"
# Now we setup the branch as a working tree on the master branch
$ git checkout master
$ mkdir build
$ git worktree add build gh-pages
# Now we can run the index and build
$ npm run build
# Now we should have a site in ./build, we can
# commit and push the branches now
$ cd build && git add . && git commit -m "our new statuspage" && git push
FAQs
A dashboard for project status
The npm package @pkgjs/statusboard receives a total of 46 weekly downloads. As such, @pkgjs/statusboard popularity was classified as not popular.
We found that @pkgjs/statusboard demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.