Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
firebase-tools-with-isolate
Advanced tools
Command-Line Interface for Firebase with experimental monorepo support
This is an experimental fork of the Firebase Tools which integrates isolate-package as part of the functions deploy
command in order to support monorepo setups. Alternatively, you can manually configure isolate
as part of the predeploy
step of your configuration, but having the process integrated and only running as part of the deploy command is essential if you like to preserve live code updates when running the Firebase emulators locally during development.
I think it might take some time before the Firebase team would agree to make isolate an integral part of the toolchain, if ever, because the package itself is still very new.
In the meantime I will try to keep this fork in sync with updates to the original tools. The published versions of the fork will be kept the same as the original firebase-tools
package, so you can easily see how up-to-date it is.
It is probably best to install this as a local dependency on whatever package you want to deploy to Firebase, as opposed to using a global install. This way the forked binary does not interfere with the original one on your system, and you can easily use the fork on one project will still using the original one on others.
npm install firebase-tools-with-isolate
Personally I would advise you to try PNPM for monorepo setups. At the moment, isolate-package
only supports generating isolated lockfiles for PNPM, but you can always choose to deploy to Firebase without a lockfile, similar to other workarounds people have been using.
pnpm add firebase-tools-with-isolate
Installing the fork locally provides you with the same firebase
command but in order to execute any command on the command line you prefix it with npx
like npx firebase deploy
.
If you are using the commands as part of a package.json script, npx
is not required, because scripts already prefer locally installed binaries when available.
You have to opt-in to the functions isolate process by setting functions.isolate: true
in your firebase.json
. For example:
{
"functions": {
"source": "./dist",
"runtime": "nodejs20",
"predeploy": ["turbo build"],
"isolate": true
}
}
If you like to see a complete example of a monorepo setup with Typescript and multiple Firebase service deployments check out mono-ts
For all other documentation see the original firebase tools
FAQs
Command-Line Interface for Firebase with monorepo support
The npm package firebase-tools-with-isolate receives a total of 569 weekly downloads. As such, firebase-tools-with-isolate popularity was classified as not popular.
We found that firebase-tools-with-isolate demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.