Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
frans-scripts
Advanced tools
CLI toolbox for common scripts for my projects (forked from and inspired by kcd-scripts)
I do a bunch of open source and want to make it easier to maintain so many projects.
This is a CLI that abstracts away all configuration for my open source projects for linting, testing, building, and more.
This module is distributed via npm which is bundled with node and
should be installed as one of your project's devDependencies
:
npm install --save-dev frans-scripts
yarn add --dev frans-scripts
This is a CLI and exposes a bin called frans-scripts
. I don't really plan on
documenting or testing it super duper well because it's really specific to my
needs. You'll find all available scripts in src/scripts
.
This project actually dogfoods itself. If you look in the package.json
, you'll
find scripts with node src {scriptName}
. This serves as an example of some of
the things you can do with frans-scripts
.
Unlike react-scripts
, frans-scripts
allows you to specify your own
configuration for things and have that plug directly into the way things work
with frans-scripts
. There are various ways that it works, but basically if you
want to have your own config for something, just add the configuration and
frans-scripts
will use that instead of it's own internal config. In addition,
frans-scripts
exposes its configuration so you can use it and override only
the parts of the config you need to.
This can be a very helpful way to make editor integration work for tools like ESLint which require project-based ESLint configuration to be present to work.
So, if we were to do this for ESLint, you could create an .eslintrc
with the
contents of:
{ "extends": "./node_modules/frans-scripts/eslint.js" }
Or, for babel
, a .babelrc
with:
{ "presets": ["frans-scripts/babel"] }
Or, for jest
, a jest.config.js
:
const jestConfig = require('frans-scripts/jest');
module.exports = Object.assign(jestConfig, {
// your overrides here
});
Or, for prettier
, a prettier.config.js
:
const prettierConfig = require('frans-scripts/prettier');
module.exports = Object.assign(prettierConfig, {
// your overrides here
});
Note:
frans-scripts
intentionally does not merge things for you when you start configuring things to make it less magical and more straightforward. Extending can take place on your terms. I think this is actually a great way to do this.
This is inspired by kcd-scripts
and react-scripts
.
I'm not aware of any, if you are please make a pull request and add it here! Again, this is a very specific-to-me solution.
Thanks goes to these people (emoji key):
Adam Bergman 💻 |
---|
This project follows the all-contributors specification. Contributions of any kind welcome!
MIT
FAQs
CLI for common scripts for my projects
The npm package frans-scripts receives a total of 1 weekly downloads. As such, frans-scripts popularity was classified as not popular.
We found that frans-scripts demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.