cdklabs-projen-project-types
This repository stores custom project types extended from `projen` with cdklabs defaults baked in. This is meant to serve as a hook for continuous management of all repos we own. With cdklabs projen types, we can add new configuration as they come up and have it propagate to all repositories using the type.
This type extends projen's `awscdk.AwsConstructLibrary` project type and should be used in place of that type.

From the command line:

```sh
npx projen new --from cdklabs-projen-project-types cdklabs-construct-lib
```

From inside `cdk-ops`:

```ts
this.cdklabs.addPreApprovedRepo({
  repo: 'cdk-new-lib',
  owner: 'conroyka@amazon.com',
  createWith: {
    projectType: ProjectType.CDKLABS_MANAGED_CONSTRUCT_LIB,
  },
});
```
cdklabsPublishingDefaults
By default, this is turned on. `cdklabsPublishingDefaults` provides publishing defaults based off of the project's name. Specifically, the defaults look like this:

```ts
return {
  publishToPypi: {
    distName: npmPackageName,
    module: changeDelimiter(npmPackageName, '_'),
  },
  publishToMaven: {
    javaPackage: `io.github.cdklabs.${changeDelimiter(npmPackageName, '.')}`,
    mavenGroupId: 'io.github.cdklabs',
    mavenArtifactId: npmPackageName,
    mavenEndpoint: 'https://s01.oss.sonatype.org',
  },
  publishToNuget: {
    dotNetNamespace: `Cdklabs${upperCaseName(npmPackageName)}`,
    packageId: `Cdklabs${upperCaseName(npmPackageName)}`,
  },
  publishToGo: {
    moduleName: `${npmPackageName}-go`,
  },
};
```

Additionally, we also require that we publish to all jsii language targets (including Go) when we specify a library as `stable`.
private
By default, a project is created as `private`. Turning this off simply means setting `private: false`.

A project being `private` means it gets certain properties set as default that are true for private projects. Today, that means setting `private: true` in `package.json`, removing `.mergify.yml` from the project, and removing `.npmignore`.
releasableCommits
By default this project type releases `ReleasableCommits.featuresAndFixes`, to not release a new version every day on a package that only sees devDependency updates. You may want to override this if you need something more specific.
This type extends projen's `typescript.TypeScriptProject` project type and should be used in place of that type.

```sh
npx projen new --from cdklabs-projen-project-types cdklabs-ts-proj
```

From inside `cdk-ops`:

```ts
this.cdklabs.addPreApprovedRepo({
  repo: 'cdk-new-lib',
  owner: 'conroyka@amazon.com',
  createWith: {
    projectType: ProjectType.CDKLABS_MANAGED_TS_PROJECT,
  },
});
```
private
By default, a project is created as `private`. Turning this off simply means setting `private: false`.

A project being `private` means it gets certain properties set as default that are true for private projects. Today, that means setting `private: true` in `package.json`, removing `.mergify.yml` from the project, and removing `.npmignore`.
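The `private` defaults described for both project types above (`private: true` in `package.json`, no `.mergify.yml`, no `.npmignore`) can be checked mechanically before a repository is trusted not to publish. This is an added example, not code from cdklabs-projen-project-types; `auditPrivateProject` and its input shape are hypothetical, and the sample manifest and file list are constructed.

```javascript
// Added example: audit a project root against the "private" defaults in this README.
// auditPrivateProject and its arguments are hypothetical names, not the project's API.

// Files the README says are removed from a private project.
const FILES_REMOVED_WHEN_PRIVATE = ['.mergify.yml', '.npmignore'];

/**
 * @param {string} packageJsonText raw contents of package.json
 * @param {string[]} rootFiles file names present in the project root
 * @returns {string[]} findings; an empty array means the private defaults hold
 */
function auditPrivateProject(packageJsonText, rootFiles) {
  let manifest;
  try {
    manifest = JSON.parse(packageJsonText);
  } catch (err) {
    // A manifest that cannot be parsed cannot be trusted to carry the flag.
    return [`package.json is not valid JSON: ${err.message}`];
  }
  if (manifest === null || typeof manifest !== 'object' || Array.isArray(manifest)) {
    return ['package.json is not a JSON object'];
  }

  const findings = [];
  // The documented default is the boolean true; a missing key, false,
  // or a string value is reported as drift from that default.
  if (manifest.private !== true) {
    findings.push(`package.json "private" is ${JSON.stringify(manifest.private)}, expected true`);
  }
  for (const name of FILES_REMOVED_WHEN_PRIVATE) {
    if (rootFiles.includes(name)) {
      findings.push(`${name} is present but is removed for private projects`);
    }
  }
  return findings;
}

// Constructed sample: the flag was turned off and .npmignore was left behind.
const sampleManifest = JSON.stringify({ name: 'cdk-new-lib', private: false });
const sampleFiles = ['package.json', '.projenrc.ts', '.npmignore'];
console.log(auditPrivateProject(sampleManifest, sampleFiles));
```

In a CI step, pass it the text of `package.json` and the listing of the repository root, and fail the job when the returned array is not empty.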
A TypeScript monorepo using Yarn Workspaces. Individual workspaces can be added with `yarn.TypeScriptWorkspace`, which extends projen's `typescript.TypeScriptProject`.

```sh
npx projen new --from cdklabs-projen-project-types cdklabs-yarn-monorepo
```

```ts
const project = new yarn.CdkLabsMonorepo({
  defaultReleaseBranch: "main",
  devDeps: ["cdklabs-projen-project-types"],
  name: "monorepo",
});
```
Workspace commands: `projen build|compile|package|test|upgrade`
Will run the specific command in all workspaces and the root if applicable.

Workspace run: `projen run <command>`
Executes the given command in all workspaces.

Automatic dependency installation
The monorepo will know if a dependency has been added for a workspace and run `yarn install` as part of `projen`.

`projen` at any level
The default `projen` command can be run in any workspace and will execute the monorepo synth command.

Release
This feature is not supported at this time. Any release functionality must be implemented.
`vscodeWorkspace: boolean`
You can specify if a VSCode Workspace file should be created for the monorepo.

```ts
new yarn.TypeScriptWorkspace({
  parent: project,
  name: 'workspace'
})
```

`parent: yarn.Monorepo`
Workspaces (aka subprojects) must be added using the `parent` option.

`workspaceScope: string`
The location the workspace is placed at. Defaults to `./packages`.

`excludeDepsFromUpgrade: Array<string>`
List any dependencies that should not be updated in the workspace.
FAQs
The npm package cdklabs-projen-project-types receives a total of 5,770 weekly downloads. As such, cdklabs-projen-project-types popularity was classified as popular.
We found that cdklabs-projen-project-types demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.