Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
@zwave-js/crc16-ccitt
Advanced tools
Readme
@napi-rs/package-template
Template project for writing node package with napi-rs.
yarn add @napi-rs/package-template
node12 | node14 | node16 | |
---|---|---|---|
Windows x64 | ✓ | ✓ | ✓ |
Windows x32 | ✓ | ✓ | ✓ |
Windows arm64 | ✓ | ✓ | ✓ |
macOS x64 | ✓ | ✓ | ✓ |
macOS arm64 | ✓ | ✓ | ✓ |
Linux x64 gnu | ✓ | ✓ | ✓ |
Linux x64 musl | ✓ | ✓ | ✓ |
Linux arm gnu | ✓ | ✓ | ✓ |
Linux arm64 gnu | ✓ | ✓ | ✓ |
Linux arm64 musl | ✓ | ✓ | ✓ |
Android arm64 | ✓ | ✓ | ✓ |
Android armv7 | ✓ | ✓ | ✓ |
FreeBSD x64 | ✓ | ✓ | ✓ |
After yarn build/npm run build
command, you can see package-template.[darwin|win32|linux].node
file in project root. This is the native addon built from lib.rs.
With ava, run yarn test/npm run test
to testing native addon. You can also switch to another testing framework if you want.
With GitHub actions, every commits and pull request will be built and tested automatically in [node@12
, node@14
, @node16
] x [macOS
, Linux
, Windows
] matrix. You will never be afraid of the native addon broken in these platforms.
Release native package is very difficult in old days. Native packages may ask developers who use its to install build toolchain
like gcc/llvm
, node-gyp
or something more.
With GitHub actions
, we can easily prebuild binary
for major platforms. And with N-API
, we should never afraid of ABI Compatible.
The other problem is how to deliver prebuild binary
to users. Download it in postinstall
script is a common way which most packages do it right now. The problem of this solution is it introduced many other packages to download binary which has not been used by runtime codes
. The other problem is some user may not easily download the binary from GitHub/CDN
if they are behind private network (But in most case, they have a private NPM mirror).
In this package we choose a better way to solve this problem. We release different npm packages
for different platform. And add it to optionalDependencies
before release the Major
package to npm.
NPM
will choose which native package should download from registry
automatically. You can see npm dir for details. And you can also run yarn add @napi-rs/package-template
to see how it works.
Rust
Node.js@10+
which fully supported Node-API
yarn@1.x
And you will see:
$ ava --verbose
✔ sync function from native code
✔ sleep function from native code (201ms)
─
2 tests passed
✨ Done in 1.12s.
Ensure you have set you NPM_TOKEN in GitHub
project setting.
In Settings -> Secrets
, add NPM_TOKEN into it.
When you want release package:
npm version [<newversion> | major | minor | patch | premajor | preminor | prepatch | prerelease [--preid=<prerelease-id>] | from-git]
git push
GitHub actions will do the rest job for you.
FAQs
CRC16-CCITT implementation used by the Z-Wave protocol, implemented in Rust
The npm package @zwave-js/crc16-ccitt receives a total of 0 weekly downloads. As such, @zwave-js/crc16-ccitt popularity was classified as not popular.
We found that @zwave-js/crc16-ccitt demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.