Security News
RubyGems.org Adds New Maintainer Role
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
backpack-react-scripts
Advanced tools
This package is a fork of Create React App (specifically the react-scripts
package). It's intended
to be used in conjuction with create-react-app
like so:
# we still rely on facebooks global `create-react-app` cli
npm install -g create-react-app
# specify `backpack-react-scripts` as the scripts package to use
create-react-app my-app --scripts-version=backpack-react-scripts
# start your app development like you normally would with `create-react-app`
cd my-app
npm start
Out of the box, create-react-app
doesn't work well with Backpack components because it has no support for
Sass stylesheets or uncompiled dependencies in the node_modules
folder. We also want to be able to tailor
the template to use Backpack out-the-box.
We wish to keep this fork updated with the upstream repo to benefit from the ongoing open source development
of create-react-app
. Please follow the steps outlined in this guide to keep this fork up to date e.g:
git remote add upstream git@github.com:facebookincubator/create-react-app.git
git fetch upstream
git rebase upstream/master
You will most likely run into merge conflicts during this process. If so, please take care to fix them whilst preserving the custom functionality we have added in the fork.
This is a high-level overview of the changed we made to this fork.
See
config/webpack.config.{dev,prod}.js
,package.json
,scripts/{eject,init}.js
,template/.eslintrc
By default, react-scripts runs all code through ESLint on build. As our ESLint configuration is quite opinionated, we have disabled this functionality.
We have added an npm script so you can still run the linter at will using npm run lint
.
See
package.json
,template/.stylelintrc.json
We added Skyscanner's Stylelint configuration.
See
scripts/init.js
,template/src/*
We pre-install some Backpack components to help you get started quickly.
See
config/webpack.config.ssr.js
This Webpack configuration is used to to enable easy server-side rendering. It is derived from config/webpack.config.prod.js
.
Everything that we don't need from the prod config is not removed, but commented out.
dependencies
to devDependencies
See
scripts/init.js
Any app built with backpack-react-scripts should always output a bundle, and therefore it is enough to keep React and ReactDOM in devDependencies
. In many cases, they should also be external dependencies (not part of the bundle).
As the CRA CLI install React and ReactDOM, we cannot really do anything about that; but we can move the entries in package.json
from dependencies
to devDependencies
.
See
config/webpack.config.{dev,prod,ssr}.js
All Sass files are by default treated as CSS Modules. You can opt out of this behaviour using the following config option:
"backpack-react-scripts": {
"cssModules": false
}
If you decide to opt out, Sass files will not be treated as CSS Modules by default. However, you can opt-in on a per-file basis using the naming convention: *.module.scss
.
Backpack components will always be treated as CSS Modules, even if you opt out
backpack-react-scripts
Please refer to the CONTRIBUTING.md in the root of this repo. All other packages have had their
package.json
's modified to be private therefore they won't be published to the npm registry.
FAQs
Backpack configuration and scripts for Create React App.
The npm package backpack-react-scripts receives a total of 2 weekly downloads. As such, backpack-react-scripts popularity was classified as not popular.
We found that backpack-react-scripts demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.
Security News
Research
Socket's threat research team has detected five malicious npm packages targeting Roblox developers, deploying malware to steal credentials and personal data.