Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

dispensary

Package Overview
Dependencies
Maintainers
1
Versions
86
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

dispensary

SHA-256 Hashes of popular JS libraries, used by Mozilla's Add-ons Linter

  • 0.56.0
  • Source
  • npm
  • Socket score
Version published
Weekly downloads
12K
decreased by-64.26%
Maintainers
1
Weekly downloads
 
Created
Source

Build Status codecov Dependency Status devDependency Status npm version

Dispensary 🌿

The dispensary collects and offers hashes of popular JavaScript libraries, mainly for the Mozilla's addons-linter.

Libraries updates

This is the (manual) process to update libraries in dispensary:

  1. Open src/libraries.json
  2. Open the release pages of each library. Here is a list:
  1. On each page, check whether there are newer release versions than what is in src/libraries.json. Note that some libraries, like react, support several versions, so we need to check each "branch".
  2. For major upgrades, take a quick look at the code changes
  3. Add new versions to src/libraries.json
  4. Run npm run update
  5. Commit and push (Make sure to include src/libraries.jsonand src/hashes.txt)
  6. Tag and release

Development commands

Here are some commands you can run:

npm run build

This command builds the project.

npm run clean

This command removes the build artifacts.

npm run eslint

This command runs eslint (JavaScript linter).

npm run prettier

This command runs pretty-quick to automatically compare and format modified source files against the master branch.

npm run prettier-full

This command runs Prettier to automatically format the entire codebase.

npm run prettier-ci

This command runs Prettier and fail if some code has been changed without being formatted.

npm run test

This command builds the project and then runs the test suite (in watch mode).

npm run test-coverage

This command builds the project, runs the test suite and then reports code coverage (codecov).

npm run test-ci

This command runs all checks and is only useful in a CI context.

bin/build-doc

This command updates the list of release pages in the README.md file based on the src/libraries.json file.

FAQs

Package last updated on 23 Sep 2020

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm

Security News

Research

Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm

The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.

By Kush Pandya  -  Dec 11, 2024
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc