Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
@sewing-kit/plugins
Advanced tools
@sewing-kit/plugins
Provides API for building sewing-kit
plugins.
For a more in-depth explanation of plugins and the philosophy behind them, check out these docs
@sewing-kit/plugins
also re-exports numerous types and classes from other sewing-kit
packages, such as core
, tasks
, and hooks
.
yarn add @sewing-kit/plugins --dev
In sewing-kit
, plugins are the things that actually "do" stuff. They piggyback off the architecture provided by sewing-kit
's core (i.e. hooks) to inject actual actions into your workspace's tasks.
The @sewing-kit
monorepo provides a suite of ready-made plugins for common use cases, like type-checking with TypeScript, transpiling with Babel, and testing with Jest. However, using sewing-kit
's API you're able (and encouraged) to write your own to fit your specific needs.
Below is an example sewing-kit.config.ts
that sets up a sewing-kit
workspace to lint with ESLint, test with Jest, and type-check with TypeScript. It also includes a custom plugin made with createWorkspaceTestPlugin
that taps into the jestConfig
hook introduced by the jest
plugin to specify a coverage directory.
import {createWorkspace} from '@sewing-kit/config';
import {eslint} from '@sewing-kit/plugin-eslint';
import {jest} from '@sewing-kit/plugin-jest';
import {workspaceTypeScript} from '@sewing-kit/plugin-typescript';
import {createWorkspaceTestPlugin} from '@sewing-kit/plugins';
export default createWorkspace((workspace) => {
workspace.use(
eslint(),
jest(),
workspaceTypeScript(),
createWorkspaceTestPlugin('JestCoveragePlugin', (taskContext) => {
const {hooks: taskHooks} = taskContext;
taskHooks.configure.hook((configHooks) => {
configHooks.jestConfig?.hook((jestConfig) => ({
...jestConfig,
coverageDirectory: './coverage',
}));
});
}),
);
});
Plugins can do anything from configuring hooks, adding steps to tasks, or introducing hooks for other plugins to hook into. Note that JestCoveragePlugin
makes use of the jestConfig
hook, which isn't provided by core sewing-kit
but is introduced to the workspace by jest
.
For more examples on how to write your own plugins, check out the source code for @sewing-kit/plugin-jest
, @sewing-kit/plugin-eslint
, @sewing-kit/plugin-typescript
, among others.
The following functions are provided by @sewing-kit/plugins
to help make writing your own plugins easier:
For composing several plugins into one:
createComposedProjectPlugin()
createComposedWorkspacePlugin()
For project plugins:
createProjectBuildPlugin()
createProjectDevPlugin()
createProjectPlugin()
createProjectTestPlugin()
For workspace plugins:
createWorkspaceBuildPlugin()
createWorkspaceDevPlugin()
createWorkspaceLintPlugin()
createWorkspacePlugin()
createWorkspaceTestPlugin()
createWorkspaceTypeCheckPlugin()
FAQs
APIs for building sewing-kit-next plugins
The npm package @sewing-kit/plugins receives a total of 62 weekly downloads. As such, @sewing-kit/plugins popularity was classified as not popular.
We found that @sewing-kit/plugins demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.