Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
generator-typescript-react-lib
Advanced tools
A Yeoman generator for React libs written with Typescript.
A Yeoman generator for React libs written with Typescript.
To provide a basic starting point when authoring React libraries with Typescript. By design not all use-cases will be handled, so some post-generation modifications may be required.
First, install Yeoman and generator-typescript-react-lib:
$ npm install -g yo generator-typescript-react-lib
Then generate your new library:
$ mkdir your-new-react-library && cd $_
$ yo typescript-react-lib
Everything revolves around GitHub PRs:
It's also recommended to set branch protection rules against the master
branch by selecting the following:
Require status checks to pass before merging
.Require branches to be up to date before merging
.ci
.Running npm test
will:
Once the PR checks have passed:
master
branch.master
is up-to-date.npm release <newversion>
. Refer to the npm-version docs for information on the newversion
argument.The release
script will:
package.json
version.CHANGELOG.md
that includes these latest changes.AUTHORS
file.MIT
v1.0.178 (2024-09-03)
FAQs
A Yeoman generator for React libs written with Typescript.
We found that generator-typescript-react-lib demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.