Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Charmix it's a tool to generate projects from custom templates (archetypes).
It's try to solve a problem when you copy files from one project to another over and over. And then, you sync changes in every single file between projects.
Now you can make project template once and apply it for every new project.
If you tried to use boilerplate generators like create-react-app
and similar, you may ask yourself "why i should use charmix instead"?
Answer is - for your productivity. Instead of use few CLI tools and remember how to use its and read the docs for each, you may use one tool that have one powerful interface for ALL archetypes.
If you created a boilerplate generators, you may ask yourself "why i should to create charmix archetype, instead of standalone boilerplate?"
Answer is - easy maintenance and whole powerful of platform. All you need is create JSON file on 4 lines contains glob pattern to files for static archetype or javascript function that receive options and return configured files as buffers or strings for dynamic archetypes.
Read more in ArchetypeAPI docs
# install it globally
npm install -g charmix
# or yarn
yarn global add charmix
Charmix is only platform to manage boilerplates, but it's not contains any archetypes by default. It's like APT for linux packages.
Thus, you have to find archetypes on the internet or create yours and add it to charmix registry to use.
You can look at archetypes list or try to find on github or npm by keyword charmixArchetype
.
# Add archetype from git service
charmix add -t git https://github.com/vitonsky/charmix.git archetypes/ts-frontend
# Or from local machine
charmix add -t local /home/username/archetypeDirectory
# You may list available archetypes
charmix list
# Let's use archetype ts-frontend
charmix add -t local /home/username/archetypeDirectory
# To write files to current directory
charmix use ts-frontend
# To write files to directory projectDir
charmix use -d ./projectDir ts-frontend
# Specify parameters manually
charmix use -d ./projectDir ts-frontend name=projectName useReact=true
# Or specify parameters in interactive mode
charmix use -d ./projectDir -i ts-frontend
Explore commands by run any command with argument --help
or -h
.
Try it charmix -h
, charmix use -h
.
If you want to create archetype, read the ArchetypeAPI docs and suggests to create archetype.
If you create archetype and want to make it public, publish your archetype to any git hosting or npm registry with keyword charmixArchetype
and create issue with url to your archetype to add it to archetypes list.
Inspired by Maven
FAQs
Charmix it's a tool to generate projects from custom templates (archetypes).
The npm package charmix receives a total of 2 weekly downloads. As such, charmix popularity was classified as not popular.
We found that charmix demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.