Security News
Oracle Drags Its Feet in the JavaScript Trademark Dispute
Oracle seeks to dismiss fraud claims in the JavaScript trademark dispute, delaying the case and avoiding questions about its right to the name.
By Sarah Gooding - Feb 07, 2025
New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
@reason-native-web/h1-lwt
Advanced tools
@reason-native-web/h1-lwt
This repo is used for publishing packages to npm that are either unreleased or depend on unreleased packages. This removes the need for resolutions in users' package.json.
- 1.2.2000
- npm
Vendor
This repo is used for publishing packages to npm that are either unreleased or depend on unreleased packages. This removes the need for resolutions in users' package.json.
Add a package
This example uses
websocketaf
Add the git submodule, it is important that you use the https version because of the github workflow:
git submodule add https://github.com/anmonteiro/websocketaf.git
Create a websocketaf.json and whatever else is needed, in websocketaf's case we also need websocketaf-lwt.json and websocketaf-lwt-unix.json.
Note: I usually just copy another package that is similar, in this case h1.json
Check the coresponding .opam file, eg. websocketaf.opam, websocketaf-lwt.opam and websocketaf-lwt-unix.opamfor dependencies and add them to the json files accordingly.
Add build instructions under esy:
"esy": {
"build": "dune build --only-packages=websocketaf --profile=release -j 4 --root=./websocketaf",
"install": "esy-installer #{self.target_dir / 'default' / 'websocketaf.install'}"
}
Add a files key that points to the folder where it's cloned, in this case : "files": ["websocketaf"],
Update publish.yml with the added libraries in the topological order. The order is important if a library depends on another library since they will be published in order to be able to build the next.
FAQs
This repo is used for publishing packages to npm that are either unreleased or depend on unreleased packages. This removes the need for resolutions in users' package.json.
The npm package @reason-native-web/h1-lwt receives a total of 1 weekly downloads. As such, @reason-native-web/h1-lwt popularity was classified as not popular.
We found that @reason-native-web/h1-lwt demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Package last updated on 11 Jul 2020
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Linux Foundation Warns Open Source Developers: Compliance with Sanctions Is Not Optional
The Linux Foundation is warning open source developers that compliance with global sanctions is mandatory, highlighting legal risks and restrictions on contributions.
By Sarah Gooding - Feb 06, 2025
Security News
Maven Central Adds Sigstore Signature Validation
Maven Central now validates Sigstore signatures, making it easier for developers to verify the provenance of Java packages.
By Sarah Gooding - Feb 06, 2025