Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
generator-gulpfile-advanced
Advanced tools
A generator powered by Yeoman which gives a user the abilitiy to create all Gulp tasks they need to build, run or develop one's application.
$ npm install -g yo generator-gulpfile-advanced
$ yo gulpfile-advanced
$ yo gulpfile-advanced:taskName
$ gulp taskName
$ gulp taskName:watch
$ yo gulpfile:custom
What would you call your custom task?
> dev
Which tasks do you want in your custom task ?
> less:watch, webserver:watch, minify-html:watch
$ git clone https://github.com/bnjjj/gulpfile-generator.git
$ git submodule init
$ git submodule update
$ cd generator-gulpfile
$ npm link
The long goal of this generator is for it to be used with other sub-generators - ones I haven't developed too. Each sub-generator is isolated in its own git repository so that everyone can request pulls or file more precise issues.
Furthermore you can develop your own sub-generator; after you have tested don't hesitate to request a pull so that I can integrate it as a sub-module in the main generator. This way you will still be the sole owner of your work and are free to edit it as you please.
Here are the pre-requisites for your pull requests to be accepted:
The structure of the sub-generators has to be as follows:
If you're interested in developing:
Big thanks to WaxAndWane for the translation
Made by Coenen Benjamin with love
FAQs
A yeoman generator to build gulpfiles easily
We found that generator-gulpfile-advanced demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.