Security News
Crates.io Users Targeted by Phishing Emails
The Rust Security Response WG is warning of phishing emails from rustfoundation.dev targeting crates.io users.
By Sarah Gooding - Sep 12, 2025
@roots/bud
Advanced tools
@roots/bud
Configurable, extensible build tools for modern single and multi-page web applications
@roots/bud
Configurable, extensible build tools for modern single and multi-page web applications
Installation
Install @roots/bud to your project.
Yarn:
yarn add @roots/bud --dev
npm:
npm install @roots/bud --save-dev
Getting started
For help getting started consult the Getting Started guide on bud.js.org
CLI
bud.js is invoked with the bud command.
Call bud --help for usage information.
Node
Instantiate bud.js using the factory export:
import { factory } from "@roots/bud/factory";
const bud = await factory();
Contributing
Contributions are welcome from everyone.
We have contribution guidelines to help you get started.
License
@roots/bud is licensed under MIT.
Community
Keep track of development and community news.
- Join us on Roots Slack by becoming a GitHub sponsor
- Participate on the Roots Discourse
- Follow @rootswp on Twitter
- Read and subscribe to the Roots Blog
- Subscribe to the Roots Newsletter
Sponsors
bud.js is an open source project and completely free to use.
However, the amount of effort needed to maintain and develop new features and projects within the Roots ecosystem is not sustainable without proper financial backing. If you have the capability, please consider sponsoring Roots.
FAQs
Configurable, extensible build tools for modern single and multi-page web applications
The npm package @roots/bud receives a total of 6,626 weekly downloads. As such, @roots/bud popularity was classified as popular.
We found that @roots/bud demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 5 open source maintainers collaborating on the project.
Package last updated on 09 Dec 2024
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Product
Introducing Custom Pull Request Alert Comment Headers
Socket now lets you customize pull request alert headers, helping security teams share clear guidance right in PRs to speed reviews and reduce back-and-forth.
By André Staltz - Sep 12, 2025
Product
Rust Support Now in Beta
Socket's Rust support is moving to Beta: all users can scan Cargo projects and generate SBOMs, including Cargo.toml-only crates, with Rust-aware supply chain checks.
By Mikola Lysenko, Trevor Norris - Sep 11, 2025