Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
bonde-webpages
Advanced tools
Using tsdx to build package.
TSDX scaffolds your new library inside /src
and NextJS sets up a playground for it inside /example
.
The recommended workflow in development is with use yarn link
to easily debug on version not yet released.
Run build in terminal:
# run this command in location /
yarn
For run development enrivonment, create a link to bonde-webpages
and react
for use on example/
app. (More about yarn link)[https://dev.to/mfco/unsolving-the-mysteries-of-yarn-npm-link-for-libraries-development-1bo0]
yarn link # create link to bonde-webpages
cd node_modules/react && yarn link # create link to react
cd ../react-dom && yarn link # create link to react-dom
Then run the example inside another:
# run this command in location /
cd example
yarn
yarn link bonde-webpages react react-dom
yarn build # or `yarn run dev` to start dev server
Run inside another terminal:
yarn storybook
This loads the stories from ./stories
.
Code quality is set up for you with prettier
, husky
, and lint-staged
. Adjust the respective fields in package.json
accordingly.
Jest tests are set up to run with npm test
or yarn test
. This runs the test watcher (Jest) in an interactive mode. By default, runs tests related to files changed since the last commit.
TSDX uses Rollup v1.x as a bundler and generates multiple rollup configs for various module formats and build settings. See Optimizations for details.
tsconfig.json
is set up to interpret dom
and esnext
types, as well as react
for jsx
. Adjust according to your needs.
to be completed
to be completed
Please see the main tsdx
optimizations docs. In particular, know that you can take advantage of development-only optimizations:
// ./types/index.d.ts
declare var __DEV__: boolean;
// inside your code...
if (__DEV__) {
console.log('foo');
}
You can also choose to install and use invariant and warning functions.
CJS, ESModules, and UMD module formats are supported.
The appropriate paths are configured in package.json
and dist/index.js
accordingly. Please report if any issues are found.
Run build to deploy on production:
cd example # if not already in the example folder
yarn build # builds to dist
yarn start # deploy the dist folder
FAQs
Using [tsdx](https://github.com/palmerhq/tsdx) to build package.
The npm package bonde-webpages receives a total of 1 weekly downloads. As such, bonde-webpages popularity was classified as not popular.
We found that bonde-webpages demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.