Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Readme
Experimental caching TypeScript compiler suitable for monorepos and CI.
This acts as a drop-in replacement for TypeScript's own tsc
. It will store the compiled files in a cache directory at $CTSC_CACHE_DIR
(default to /tmp/ctsc
). The next time the compiler is invoked for a particular module, the cached output will be re-used if all the inputs are the same (checked with git hash-object, sha1).
With the introduction of project mode, local caching was added, however, it has 3 significant restrictions:
package.json
. This means double book-keeping.ctsc has a different set of limitations, which are somewhat less restrictive:
outDir
setting, so it can more easily cache the output directory properly. This
limitation may be removable in the future if we decide to add a filter of the files to copy, as well
as use a better copying solution such as rsync
or cpx
(slow)include
setting, so it can more easily read all the inputs. This limitation may
also be removable in the future if we decide to add a filter on the files to use when calculating
the input hash.Most monorepo projects already specify an outDir
as build
and include
directories (e.g. src,
tests, etc) so we believe these limitations are ok. Let us know if you disagree.
yarn add ctsc
Requirements:
git hash-object
)Within a package dir:
ctsc [-p tsconfig.json]
The package must have at least the following configuration in tsconfig:
and its workspace dependencies must be referenced in package.json dependencies
or
devDependencies
Then you can use it with wsrun
yarn wsrun --staged -r ctsc
To prune old items from the cache (use env var CTSC_TMP_MAX_ITEMS to limit the cache size)
ctsc --clean
To purge the entire cache
ctsc --purge
B
for the first time, a .ctsc.hash
file is inserted into the output, containing the OHASH
- a hash computed from all the outout .d.ts files produced by the compilation.A
's dependency is B
, the OHASH of B
from its .ctsc.hash
file is included when calculating the input hash IHASH
hash of package A
. In addition, all the sources specified in include
are also considered when calculating the IHASH.$CTSC_CACHE_DIR
named $IHASH
, tsc
is not invoked. Instead, the outDir is copied from the cache directly to the destination.Yes! If the dependency was compiled with ctsc, a .ctsc.hash
will be included in the output directory. If this hash of the definition files has changed, any module that depends on that dependency will be rebuilt by ctsc when you install the new version via yarn/npm!
FAQs
A caching compiler for TypeScript monorepos
The npm package ctsc receives a total of 6 weekly downloads. As such, ctsc popularity was classified as not popular.
We found that ctsc demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 7 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.