@spaceflow/shared
Advanced tools
轻量公共工具库,
@spaceflow/cli和@spaceflow/core共同依赖。
@spaceflow/shared 提供 CLI 壳子和 core 运行时都需要的基础工具函数,避免 CLI 直接依赖 core 的重量级模块。
| 模块 | 说明 |
|---|---|
config | 配置文件读写(readConfigSync、writeConfigSync、deepMerge) |
spaceflow-dir | .spaceflow/ 工作目录管理 |
package-manager | 包管理器检测(pnpm / npm) |
source-utils | 源类型判断(npm / git / local) |
editor-config | 编辑器目录映射 |
verbose | 日志级别定义与解析 |
// 配置
import {
readConfigSync,
writeConfigSync,
deepMerge,
getConfigPath,
getDependencies,
updateDependency,
removeDependency,
getSupportedEditors,
} from "@spaceflow/shared";
// .spaceflow/ 目录
import {
ensureSpaceflowDir,
ensureSpaceflowPackageJson,
ensureDependencies,
loadExtensionsFromDir,
SPACEFLOW_DIR,
} from "@spaceflow/shared";
// 包管理器
import {
getPackageManager,
detectPackageManager,
isPnpmWorkspace,
} from "@spaceflow/shared";
// 源类型
import {
getSourceType,
isGitUrl,
isLocalPath,
normalizeSource,
extractNpmPackageName,
} from "@spaceflow/shared";
// 编辑器
import {
EDITOR_DIR_MAPPING,
DEFAULT_EDITOR,
getEditorDirName,
} from "@spaceflow/shared";
// 日志级别
import { shouldLog, normalizeVerbose, parseVerbose } from "@spaceflow/shared";
@spaceflow/cli ──→ @spaceflow/shared
@spaceflow/core ─→ @spaceflow/shared(重导出部分模块)
FAQs
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Multiple high-impact npm maintainers confirm they have been targeted in the same social engineering campaign that compromised Axios.
Security News
Axios compromise traced to social engineering, showing how attacks on maintainers can bypass controls and expose the broader software supply chain.
Security News
Node.js has paused its bug bounty program after funding ended, removing payouts for vulnerability reports but keeping its security process unchanged.