
Research
Malicious npm Packages Impersonate Flashbots SDKs, Targeting Ethereum Wallet Credentials
Four npm packages disguised as cryptographic tools steal developer credentials and send them to attacker-controlled Telegram infrastructure.
@stellarwp/tyson
Advanced tools
Create and manage custom configurations to build projects with @wordpress/scripts.
Create and manage custom configurations to build projects with @wordpress/scripts.
@wordpres/scripts
Tyson does not wrap @wordpress/scripts
or its commands.
Instead, it provides a utility to create and maintain customized configuration files for your project to allow you to
use @wordpress/scripts
to build and package it.
Tyson comes with a number of configuration presets used by StellarWP teams.
Each configuration preset is composed of configuration schemas and tweaks.
Configuration sets, schemas and tweaks might fit your use case or not. You are free to use them or ignore them.
To install @stellarwp/tyson
, you can use npm
or yarn
.
Navigate to your project directory and run one of the following commands:
Using npm
:
npm install @stellarwp/tyson --save-dev
Using yarn
:
yarn add @stellarwp/tyson --dev
While installing Tyson, and with it the @wordpress/scripts
package, you might run into issues with incompatible
dependencies, especially if your project is using old versions of libraries used by @wordpress/scripts
.
Dealing with these incompatibilities is not something Tyson can do for you: each project is different and has its
own quirks.
Take courage in knowing that, once you've solved the issues, the hardest part is likely done.
This package provides a tyson
binary that will be placed under your project's bin/
folder when you install it.
Whenever you need help or information about available options, you can run:
node_modules/.bin/tyson --help
Initialize your custom webpack.config.js
file using the default configuration:
node_modules/.bin/tyson init
The default configuration will scaffold a webpack.config.js
file that will allow you to customize the behaviour
of the @wordpress/scripts
library.
By default, tyson
will not use any configuration preset and will scaffold a webpack.config.js
file that will not
customize the behaviour in any meaningful way, but it will provide commented examples of how you could do it using the
facilities provided by Tyson.
By default @wordpress/scripts
will build from the /src
directory to the /build
one.
If a webpack.config.js
file already exists in your project, tyson
will not overwrite it and will instead print
the contents of the file it would have written to the terminal, so that you can inspect it and decide whether you
want to use it.
If you want to force overwriting the existing file, you can use the --force
option:
node_modules/.bin/tyson init --force
If you want to work on the project, start by cloning it on your local machine:
git clone git@github.com:stellarwp/tyson.git
cd tyson
Install the project dependencies using the Node version specified in the .nvmrc
file that comes with the project (
using nvm
is suggested):
nvm use
npm install
While you're working on the project, use the start
script to recompile the package to the /dist
directory on change:
npm run start
Update the project as required, then run the pre-commit
script to make sure all works as intended:
npm run pre-commit
The script will format, build and test your code to make sure it's ready to commit.
While working on your changes, you might need to test them in a real project (e.g. a StellarWP product).
For this purpose you can symlink tyson
in your project.
In the tyson
project root directory run:
npm link
Navigate to your project root directory and run:
npm link @stellarwp/tyson
Once you've done this, you will be able to run node_modules/.bin/tyson
from the root directory of the project you're
using to test tyson
.
To release a new version of tyson
, first merge your changes into the main
branch with an approved PR passing all checks.
Then, run the following command to update the version in package.json
:
npm version [patch | minor | major]
or:
npm version <next_version>
You can find more options with the npm version
command documentation (npm version --help
).
Push the updated package.json
file and let the automated workflow (.github/workflows/publish.yml
) publish the new version.
Specific migration guides are available for each suite:
FAQs
Create and manage custom configurations to build projects with @wordpress/scripts.
We found that @stellarwp/tyson demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Four npm packages disguised as cryptographic tools steal developer credentials and send them to attacker-controlled Telegram infrastructure.
Security News
Ruby maintainers from Bundler and rbenv teams are building rv to bring Python uv's speed and unified tooling approach to Ruby development.
Security News
Following last week’s supply chain attack, Nx published findings on the GitHub Actions exploit and moved npm publishing to Trusted Publishers.