Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
get-workspaces
Advanced tools
Get workspaces for yarn workspaces, bolt workspaces, or the root package for building repo-agnostic tools
A simple utility to get workspaces, whether they be yarn or bolt.
This library exports a very simple function that looks at a package.json, and generates
the glob of accepted workspaces from the workspaces
field. It is intended mostly for
use of developers building tools that want to support both kinds of mono-repos as an easy
way to write tools for both.
import getWorkspaces from "get-workspaces";
const workspaces = await getWorkspaces();
Workspaces have the shape:
{
name // The name from the package.json
config // The package.json of the package
dir // The directory of the package
}
We assume the function is being run from a directory with the package.json you want to target, however you can pass in a working directory if you want. In addition, you can change what tools the package will scan for.
const workspaces = await getWorkspaces({ cwd, tools });
The tools supported are yarn
, bolt
, and root
, which returns the root package as a single workspace if passed.
Tools is an array, so you can try for one type of workspace and then another, so you could do:
getWorkspaces({ tools: ["bolt", "yarn", "root"] });
FAQs
Get workspaces for yarn workspaces, bolt workspaces, or the root package for building repo-agnostic tools
The npm package get-workspaces receives a total of 13,418 weekly downloads. As such, get-workspaces popularity was classified as popular.
We found that get-workspaces demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.