Product
Socket Now Supports uv.lock Files
Socket now supports uv.lock files to ensure consistent, secure dependency resolution for Python projects and enhance supply chain security.
By Trevor Norris - Jan 09, 2025
Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
decaffeinate-coffeescript
Advanced tools
decaffeinate-coffeescript
decaffeinate fork of the CoffeeScript implementation
decaffeinate fork of CoffeeScript
This is is a fork of the CoffeeScript implementation with some small patches that are useful to the decaffeinate project. It also contains TypeScript types for working with the CoffeeScript AST.
It is available on npm under the name decaffeinate-coffeescript, but the intention is that it will only be useful for decaffeinate and its dependencies.
Process
The main purpose of this process approach is to make it easy to make patches to CoffeeScript while also not interfering with branch names or version numbers. Any of these steps could probably be automated, but since this fork will likely have very few changes, we'll just follow the process manually for now.
Branch/release strategy
All work is done on a branch directly off of the most recent release, currently
1.12.7. Work is done on a branch called decaffeinate-fork-1.12.7, which is
also specified as the GitHub default branch. Ideally, the git history should be
clean, and make it clear which changes have been made on top of the official
release.
Release names are based on the CoffeeScript release, with a patch number as a
suffix. So the first patch is version 1.12.7-patch.1, then 1-12.7-patch.2,
etc. Semantic versioning isn't too important here since this package is just for
internal use within the decaffeinate project.
Submitting a new patch
Patches are submitted as pull requests to the most recent fork branch. If the patch is a bug fix, we also make a reasonable effort to submit a PR to the official CoffeeScript repo on the master branch.
Once the patch is landed, we make another commit updating package.json with the new version number and publish the result to npm.
Dealing with CoffeeScript updates
Whenever CoffeeScript releases a new version, we will switch to a new branch based on the new release and re-apply the relevant patches using cherry-picks. We'll skip irrelevant changes like the package.json commits. This should hopefully keep the git history understandable and keep this repository focused as a small set of well-understood patches.
FAQs
decaffeinate fork of the CoffeeScript implementation
We found that decaffeinate-coffeescript demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Package last updated on 12 Feb 2018
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Security News
Gmail For Exfiltration: Malicious npm Packages Target Solana Private Keys and Drain Victims' Wallets
Socket researchers have discovered multiple malicious npm packages targeting Solana private keys, abusing Gmail to exfiltrate the data and drain Solana wallets.
By Kirill Boychenko - Jan 08, 2025
Security News
New Python Packaging Proposal Aims to Solve Phantom Dependency Problem with SBOMs
PEP 770 proposes adding SBOM support to Python packages to improve transparency and catch hidden non-Python dependencies that security tools often miss.
By Sarah Gooding - Jan 07, 2025