Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Meant to run on top of another script during development, reload the app after every change in the codebase
For development purposes only
This script is meant to run on top of another process while watching source files. If any change occurs, it automatically shuts the process down, WAIT until it has correctly been stopped (or kills it after some delay), and only then restarts it.
This script is meant to replace solutions like nodemon, which have a few cumbersome caveats.
$ npx ergol <script> -c <config> -d <cwd>
Options | Alias | Required | Description |
---|---|---|---|
No flag needed | - | yes | Script that runs under this process and that is reloaded when necessary |
--config | -c | no | JSON file containing configuration variables intended to override default ones |
--cwd | -d | no | Current Working Directory (if different from your actual cwd) |
--script-args | - | no | Arguments to pass to the script |
--node-args | - | no | Arguments to pass to the node interpreter |
--watch | -w | no | Array of cwd relative path/to/directories or files to watch |
--kill-delay | -k | no | Kill the process if it did not stop after this delay |
Ergol allows you to customize its behavior when necessary. If its a ponctual setting you can use one of the command argument listed before but we recommend using a config file when using recurrent options.
If you choose to use both methods, beware of which setting will be selected. Ergol will resolve each parameter by looking for command options first, config file then and default config otherwise.
{
"killDelay": "5000",
"nodeArgs": [],
"scriptArgs": [],
"watch": [
"lib",
"src",
"index.*s",
"nodes_modules"
]
}
$ npx ergol scripts/start-app.js -c config/ergol.config.json --script-args=--option my-option-1
{
"killDelay": "10000",
"watch": [
"index.ts",
"src",
"package-lock.json"
]
}
{
"killDelay": "10000",
"nodeArgs": [],
"scriptArgs": [
"--option my-option-1"
],
"watch": [
"index.ts",
"src",
"package-lock.json"
]
}
FAQs
Meant to run on top of another script during development, reload the app after every change in the codebase
The npm package ergol receives a total of 707 weekly downloads. As such, ergol popularity was classified as not popular.
We found that ergol demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.