Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
action-gen
Advanced tools
Node CLI tool that generates an action.yml
and README.md
for GitHub Actions from a config file. It is further intended to keep both action.yml
and README.md
in sync after initial generation by relying on a single source of truth (the config) for changes.
action-gen [options]
--actionDirectory [relative path to directory containing action]
(shorthand: -a
)
./
if omittedaction.yml
, README.md
and .actionrc.[js|json]
--config [relative path to action config file]
(shorthand: -c
)
./.actionrc.js
if omittedjs
and json
are the only supported configurations.--init
(shorthand: -i
)
./
unless --actionDirectory
also specifiedFor use when creating a brand new Action. This will generate a boilerplate .actiongenrc.js
with all possible options, then generate an action.yml
and README.md
from the boileplate template.
Initialize .actiongenrc.js
, action.yml
and README.md
in ./
action-gen init
Initialize .actiongenrc.js
, action.yml
and README.md
in subdirectory ./some/dir
action-gen init -a ./some/dir
Generates a new .actiongenrc.js
from an existing action.yml
. This is useful in existing projects where maintaining the action.yml and README.md is desired from a single source of truth.
Generate .actiongenrc.js
in ./
from an existing action.yml
action-gen -f ./action.yml
Generate .actiongenrc.js
in subdirectory ./some/dir
from an existing action.yml
action-gen init -a ./some/dir -f ./some/dir/.actiongenrc.js
Generates new or synchronizes an existing action.yml and README.md from an existing .actiongenrc.js
Generate/sync action in ./
action-gen generate
Generate/sync action in ./some/dir
action-gen generate -a ./some/dir
Generate/sync action in ./some/dir
with config in different directory
action-gen -a ./some/dir -c ./configs/some-config.js
Once Actions are being maintained by an .actiongenrc.js
config file, it's easy to automate the synchronization of action.yml
and README.md
as part of a pre-commit hook. Husky makes running sync scripts on pre-commit
hooks easy.
npm install --save-dev action-gen husky
FAQs
Generate GitHub Action action.yml and README.md from config file
We found that action-gen demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.