Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
buildbranch
Advanced tools
Publish a folder to the given build branch (like gh-pages).
You can use this from the command-line or within your build system.
First, install buildbranch
globally:
npm install buildbranch -g
Then, from your master branch, run buildbranch
with the branch and directory
you want to publish. It will default to gh-pages
and www
.
buildbranch gh-pages www example.com
All arguments are optional, the defaults being:
'gh-pages'
''
buildbranch will run git commit
in the given branch. You might want to skip the pre-commit hook if there is one. This can be archived by adding another command line argument:
buildbranch gh-pages www example.com no-verify
Actually, anytime four arguments are passed, git commit
will be run with --no-verify
, skipping the pre-commit and commit-msg hook, it does not matter if you pass no-verify
or any other non-empty string as the fourth argument.
buildbranch gh-pages www example.com no-verify
If you want to skip have --no-verify
but do not want to specify a domain, use
buildbranch gh-pages www '' no-verify
First, install buildbranch
as a development dependency:
npm install buildbranch --save-dev
Then, use it in your build system:
buildBranch({
branch: 'gh-pages',
remote: 'origin',
ignore: ['.git', 'www', 'node_modules'],
folder: 'www',
domain: 'example.com',
noVerify: false
}, function(err) {
if(err) {
throw err;
}
console.log('Published!');
});
For example in gulp you can do it like this:
var gulp = require('gulp');
var buildBranch = require('buildbranch');
gulp.task('gh', ['build'], function(done) {
buildBranch({ folder: 'dist' }, done);
});
Type: Object
Required. An object containing the following options.
Type: String
Default: 'gh-pages'
The branch on wich to publish.
Type: String
Default: 'origin'
The remote repository on wich to publish.
Type: String
Default: 'www'
The folder in wich the build is.
Type: String
The domain name that will fill the cname file.
Type: String
Default: 'CNAME'
The name of the file enabling custom domain name on you build platform.
Type: String
Default: 'Build $'
The commit label, the first $
occurrence in the given string will be replaced
by the current date.
Type: String
Default: process.cwd()
The working directory (root of the git repo).
Type: Array
A list of files to ignore. 'node_modules' and '.git' will be automatically added to the ignore list.
Type: Boolean
Default: false
Whether or not to add --no-verify
when running git commit
(skipping the pre-commit and commit-msg hook).
Type: Function
Required. Called when the publication is done.
FAQs
Publish a folder to the given build branch (like gh-pages).
The npm package buildbranch receives a total of 25 weekly downloads. As such, buildbranch popularity was classified as not popular.
We found that buildbranch demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.