Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
alfred-link
Advanced tools
Make your Alfred workflows installable from npm
$ npm install --save alfred-link
Add the alfred-link
command as postinstall
script of your Alfred package and add alfred-unlink
as preuninstall
script to clean up the resources when the workflow gets uninstalled.
{
"name": "alfred-unicorn",
"scripts": {
"postinstall": "alfred-link",
"preuninstall": "alfred-unlink"
}
}
You can now install the alfred-unicorn
package like this
$ npm install -g alfred-unicorn.
This will update info.plist
with the information from package.json
and creates a unicorn
symlink inside the Alfred workflows directory that points to the location of the alfred-unicorn
module.
This package will update the info.plist
file when the workflow is being installed. The following properties in info.plist
can be safely omitted. The corresponding values in package.json
are added to the plist file.
info.plist | package.json |
---|---|
version | version |
description | description |
webaddress | homepage |
createdby | author.name |
When developing an Alfred workflow, you can call alfred-link
directly from your cli. Either by installing alfred-link
globally or by calling alfred-link
from your node_modules/.bin
directory. This will create a symlink in the Alfred workflows directory pointing to your development location without transforming info.plist
.
$ ./node_modules/.bin/alfred-link
To remove the symlink afterwards, you can call alfred-unlink
.
$ ./node_modules/.bin/alfred-unlink
MIT © Sam Verschueren
FAQs
Make your Alfred workflows installable from npm
The npm package alfred-link receives a total of 61 weekly downloads. As such, alfred-link popularity was classified as not popular.
We found that alfred-link demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.