Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
boar-tasks-server
Advanced tools
This repository contains Gulp-based tasks to make server-side applications easier. It can be used with any server side framework.
These tasks are helpers, you have to define your build tasks in your project's gulpfile.js
. You can find examples in our existing services or workshop material.
Usually we create a tasks.config.js
file which is for override the default task settings.
// tasks.config.js
module.exports = {
server: {
environmentVariables: {
DEBUG: 'suite-sdk,suiterequest',
PORT: 9100,
BASE_URL: 'http://localhost:9100',
NODE_ENV: 'development'
}
}
};
// gulpfile.js
let gulp = require('gulp');
let runSequence = require('run-sequence');
let config = require('./tasks.config');
let tasks = require('boar-tasks-server').getTasks(gulp, config);
gulp.task('build', ['build-clean'], function(cb) {
runSequence(['server-copy'], cb);
});
gulp.task('start', ['build'], function(cb) {
runSequence(['server', 'server-watch'], cb);
});
gulp.task('test', tasks.server.test);
gulp.task('build-clean', function(cb) { tasks.build.clean(cb); });
gulp.task('server', tasks.server.start);
gulp.task('server-copy', function() { return tasks.server.copy(false); });
gulp.task('server-copy-only-changed', function () { return tasks.server.copy(true); });
gulp.task('server-jshint', function() { return tasks.server.jshint(); });
gulp.task('server-watch', function() { gulp.watch(tasks.config.server.filePattern, ['server-copy-only-changed']) });
It is used to remove files from the build target directory.
Run a server with Nodemon for development purposes. It automatically restarts the server if any file in the dist
folder is changed and notifies the developer about it.
Default configuration
Config.build = {
distPath: 'dist/'
};
Config.server = {
path: 'server/',
runnable: Config.build.distPath + 'server.js',
filePattern: ['server/**/!(*.spec).{jade,js}', 'package.json'],
watchPattern: 'server/**/*.js',
environmentVariables: {
NODE_ENV: process.env.NODE_ENV || 'development',
APP_ROOT_PATH: process.cwd() + '/' + Config.build.distPath,
IP: process.env.IP || undefined,
PORT: process.env.PORT || 9100,
BASE_URL: process.env.BASE_URL || 'http://localhost:9100'
}
};
Usage
gulp.task('server', tasks.server.start);
Docker
If you'd like to run your server in Docker and restart on file changes you have to set the NODEMON_LEGACY_WATCH
environment variable to true
. It forces Nodemon to use legacy change detection mode which is the only way to support Docker.
Copy files from the server source to the dist
folder.
Default configuration
Config.build = {
distPath: 'dist/'
};
Config.server = {
filePattern: ['server/**/!(*.spec).{jade,js}', 'package.json'],
copySrcOptions: {}
};
Usage
gulp.task('server-copy', function() { return tasks.server.copy(false); });
// If you want to copy only the changed files
gulp.task('server-copy-only-changed', function () { return tasks.server.copy(true); });
Run all the tests found (all *.spec.js
files) in the codebase.
Default configuration
Config.server = {
path: 'server/',
test: {
requires: ['co-mocha'],
flags: ['reporter dot', 'colors'],
environmentVariables: {
NODE_ENV: process.env.NODE_ENV || 'test',
APP_ROOT_PATH: process.cwd() + '/' + Config.build.distPath
}
}
};
Usage
gulp.task('server-copy', function() { return tasks.server.copy(false); });
// If you want to copy only the changed files
gulp.task('server-copy-only-changed', function () { return tasks.server.copy(true); });
Run the specified command by spawning a child process. It sets the server environment variables from the configuration also for the child process.
Default configuration
Config.server = {
environmentVariables: {
PORT: process.env.PORT || 9100,
BASE_URL: process.env.BASE_URL || 'http://localhost:9100'
}
};
Usage
// Creating task for a job-runner
gulp.task('job-runner', function (cb) { return tasks.server.runCommand('server/processes/job-runner', cb) });
Run the specified command by spawning a child process. It sets the test environment variables from the configuration also for the child process.
Default configuration
Config.server = {
test: {
environmentVariables: {
NODE_ENV: process.env.NODE_ENV || 'test',
APP_ROOT_PATH: process.cwd() + '/server/processes/web/'
}
},
};
Usage
// Creating task for a job-runner
gulp.task('job-runner', function (cb) { return tasks.server.runTestCommand('server/processes/job-runner', cb) });
Run the specified command by spawning a child process. It sets the given environment variables also for the child process.
Usage
// Creating task for a job-runner
gulp.task('job-runner', function (cb) { return tasks.server.runEnvironmentCommand('server/processes/job-runner', { NODE_ENV: 'integration' }, cb) });
Check code style using ESLint on the selected JavaScript files.
Default configuration
Config.server = {
codeStylePattern: 'server/**/*.js'
}
Usage
gulp.task('server-codestyle', tasks.server.codeStyle);
Check code style on the selected template files using pug-lint.
Default configuration
Config.server = {
app: {
templateCodeStylePattern: 'server/app/**/*.jade'
}
}
Code style rules
Install pug-lint-config-emarsys
to your project and create a file in your project's root called .pug-lintrc
with the following content:
{
"extends": "emarsys"
}
Usage
gulp.task('server-template-code-style', tasks.server.templateCodeStyle);
Check package.json's dependencies section against known vulnerable libraries. This will only generate warnings on the console.
Usage
gulp.task('nsp', function(cb) { tasks.server.nsp(__dirname + '/package.json', cb) });
FAQs
Boar Tasks for server side
The npm package boar-tasks-server receives a total of 5 weekly downloads. As such, boar-tasks-server popularity was classified as not popular.
We found that boar-tasks-server demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 7 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.