
Security News
New CVE Forecasting Tool Predicts 47,000 Disclosures in 2025
CVEForecast.org uses machine learning to project a record-breaking surge in vulnerability disclosures in 2025.
Supply Chain Security
Vulnerability
Quality
Maintenance
License
Unpopular package
QualityThis package is not very popular.
Found 1 instance in 1 package
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
Critical CVE and High CVE
This module can automatically detect breaking changes by running the test suite of your last-release against the current codebase. That shouldn't fail.
Note: This is under the assumption you're testing the API of your module rather than implementation details. Of course this is hard sometimes and you might get false positives. Better safe than sorry :)
npm install --save-dev cracks
paths: An array of paths (files/directories) that will be checked out from the last release to restore your test suite. Note that you should add "package.json", because it will install old "devDependencies" as well. Default: ["tests", "package.json"]
silent: Whether to output the results of npm test
. It will always output the results when a breaking change was detected. Default: true
The test command is currently hard coded as npm test
, but will be configurable in the future.
semantic-release
pluginAdd a "verifyRelease" plugin to the "release" field in your "package.json".
"release": {
"verifyRelease": "cracks"
}
Passing options:
"release": {
"verifyRelease": {
"path": "cracks",
"paths": ["tests", "package.json"],
"silent": true
}
}
Usage:
crack <options>
Options:
-p, --paths <paths> Overwrite checkout paths
-s, --silent Suppress 'npm test' output
-v, --version Output the current version
-h, --help Output this help info
Copyright © 2015 Christoph Witzko
FAQs
breaking change detection
The npm package cracks receives a total of 524 weekly downloads. As such, cracks popularity was classified as not popular.
We found that cracks demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
CVEForecast.org uses machine learning to project a record-breaking surge in vulnerability disclosures in 2025.
Security News
Browserslist-rs now uses static data to reduce binary size by over 1MB, improving memory use and performance for Rust-based frontend tools.
Research
Security News
Eight new malicious Firefox extensions impersonate games, steal OAuth tokens, hijack sessions, and exploit browser permissions to spy on users.