Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
fixme
Advanced tools
Readme
NOTE: I no longer actively maintain this package. I'd love to get PRs to keep it going though!
Scan for NOTE, OPTIMIZE, TODO, HACK, XXX, FIXME, and BUG comments within your source, and print them to stdout so you can deal with them. This is similar to the rake notes
task from Rails.
It ends up giving you an output like this:
The color formatting is currently done using the excellent terminal coloring library chalk.
Fixme currently scans your matching files line-by-line looking for annotations in the code. As such; multi-line annotation capturing is currently not supported. All annotations must be on the same line.
In order to use Fixme all you need to do is install it:
npm install -g fixme
Note: There really shouldn't be much reason to globally install it...
Require it:
var fixme = require('fixme');
And finally; configure it when you call it:
// All values below are Fixme default values unless otherwise overridden here.
fixme({
path: process.cwd(),
ignored_directories: ['node_modules/**', '.git/**', '.hg/**'],
file_patterns: ['**/*.js', 'Makefile', '**/*.sh'],
file_encoding: 'utf8',
line_length_limit: 1000,
skip: []
});
You should then see some nice output when this is run:
• path/to/your/directory/file.js [4 messages]:
[Line 1] ✐ NOTE: This is here because sometimes an intermittent issue appears.
[Line 7] ↻ OPTIMIZE: This could be reworked to not do a O(N2) lookup.
[Line 9] ✓ TODO from John: Add a check here to ensure these are always strings.
[Line 24] ✄ HACK: I am doing something here that is horrible, but it works for now...
[Line 89] ✗ XXX: Let's do this better next time? It's bad.
[Line 136] ☠ FIXME: We sometimes get an undefined index in this array.
[Line 211] ☢ BUG: If the user inputs "Easter" we always output "Egg", even if they wanted a "Bunny".
note
, optimize
, todo
, hack
, xxx
, fixme
, bug
, line
. line
will disable the line length warning.fixme --help
Using this as a GulpJS task is pretty simple, here is a very straight-forward "notes" task:
gulp.task('notes', fixme);
That, of course, assumes all of the defaults in Fixme are ok with you. If not, this is still pretty simple to configure and run as a Gulp task:
gulp.task('notes', function () {
fixme({
path: process.cwd(),
ignored_directories: ['node_modules/**', '.git/**', '.hg/**'],
file_patterns: ['**/*.js', 'Makefile', '**/*.sh'],
file_encoding: 'utf8',
line_length_limit: 1000
});
});
A code annotation needs to follow these rules to be picked up by Fixme:
You can have an author of a comment displayed via Fixme:
// NOTE(John Postlethwait): This comment will be shown as a note, and have an author!
[Line 1] ✐ NOTE from John Postlethwait: This comment will be shown as a note, and have an author!
Take a look at the test/annotation_test.js
file, all of those comments in there are supported and expected to parse with Fixme.
FAQs
Scan for NOTE, OPTIMIZE, TODO, HACK, XXX, FIXME, and BUG comments within your source, and print them to stdout so you can deal with them.
The npm package fixme receives a total of 1,029 weekly downloads. As such, fixme popularity was classified as popular.
We found that fixme demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.