Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
generator-reaction
Advanced tools
Project generator for Reaction NodeJS projects. Built with Yeoman.
This is a Yeoman generator plugin used by Reaction Commerce developers. The main generator creates a new project. There are also subgenerators for creating a new NPM package project and for quickly adding GraphQL files to the main Reaction project.
First, globally install Yeoman and generator-reaction using npm (we assume you have pre-installed node.js).
npm install -g yo generator-reaction
If you are adding or modifying generators in this package, you can test them prior to publishing by running npm link
in the generator project's root directory to make the template available globally on your system.
npm link
mkdir project-name
cd project-name
yo reaction
mkdir package-name
cd package-name
yo reaction:npm
yo reaction:graphql
To ensure that all contributors follow the correct message convention, each time you commit your message will be validated with the commitlint package, enabled by the husky Git hooks manager.
Examples of commit messages: https://github.com/semantic-release/semantic-release
The generator-reaction
package is automatically published by CI when commits are merged or pushed to the master
branch. This is done using semantic-release, which also determines version bumps based on conventional Git commit messages.
GPL-3.0 © Reaction Commerce, Inc.
FAQs
Project generator for Reaction NodeJS projects. Built with Yeoman.
The npm package generator-reaction receives a total of 0 weekly downloads. As such, generator-reaction popularity was classified as not popular.
We found that generator-reaction demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.