
Research
SANDWORM_MODE: Shai-Hulud-Style npm Worm Hijacks CI Workflows and Poisons AI Toolchains
An emerging npm supply chain attack that infects repos, steals CI secrets, and targets developer AI toolchains for further compromise.
@sanity/export
Advanced tools
Exports documents and assets from a Sanity dataset
npm install --save @sanity/export
import {exportDataset} from '@sanity/export'
exportDataset({
// Instance of @sanity/client configured to correct project ID and dataset
client: someInstantiatedSanityClientInstance,
// Name of dataset to export
// Cannot be combined with `mediaLibraryId`.
dataset: 'myDataset',
// Path to write tar.gz-archive file to, or `-` for stdout
outputPath: '/home/your-user/myDataset.tar.gz',
// Whether or not to export assets. Note that this operation is currently slightly lossy;
// metadata stored on the asset document itself (original filename, for instance) might be lost
// Default: `true`
assets: false,
// Exports documents only, without downloading or rewriting asset references
// Default: `false`
raw: true,
// Whether or not to export drafts
// Default: `true`
drafts: true,
// Export only given document types (`_type`)
// Optional, default: all types
types: ['products', 'shops'],
// Run 12 concurrent asset downloads
assetConcurrency: 12,
// What mode to use when exporting documents, can be eiter `stream`(default) or `cursor`.
// Cursor mode might help when dealing with large datasets, but might yield inconsistent results if the dataset is mutated during export.
// Default: 'stream'
mode: 'stream',
// Export data from a media library, instead of a dataset.
// Cannot be combined with `dataset`.
mediaLibraryId: 'myMediaLibrary',
// Whether to include the `assets.json` assets map. This file is not necessary when creating a
// media library archive.
// Caution: customising this option may result in an archive being produced that is impossible to import.
// Optional, default: `true`
assetsMap: true,
// A custom filter function for controlling which documents are exported.
// Optional, default: `() => true`
filterDocument: (document) => (document.title ?? '').includes('capybara'),
// A custom transformation function for controlling how each document is exported.
// Caution: customising this option may result in an archive being produced that is impossible to import.
// Optional, default: `document => document`
transformDocument: (document) => ({
...document,
title: document.title ?? 'capybara',
}),
})
filename (<num>).ext)This functionality is built in to the @sanity/cli package as sanity dataset export
MIT-licensed. See LICENSE.
contentful-export is a utility for exporting data from a Contentful space. It allows you to export content types, entries, assets, and locales into a JSON file. Similar to @sanity/export, it is used for backups, migrations, and data transfers. However, it is specific to Contentful, whereas @sanity/export is specific to Sanity.io.
strapi-plugin-import-export-content is a plugin for Strapi that allows you to import and export content types, entries, and assets. It provides similar functionality to @sanity/export but is designed for use with Strapi, a different headless CMS.
FAQs
Export Sanity documents and assets
The npm package @sanity/export receives a total of 154,304 weekly downloads. As such, @sanity/export popularity was classified as popular.
We found that @sanity/export demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 114 open source maintainers collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Research
An emerging npm supply chain attack that infects repos, steals CI secrets, and targets developer AI toolchains for further compromise.

Company News
Socket is proud to join the OpenJS Foundation as a Silver Member, deepening our commitment to the long-term health and security of the JavaScript ecosystem.

Security News
npm now links to Socket's security analysis on every package page. Here's what you'll find when you click through.