Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
git-common-ancestor
Advanced tools
Find the branching point between two points in a git repo. Knowing the branching point is often useful when writing tools that need to look at the changes made on a branch.
For example, if you want to run a linter on all the files that were changed on your branch, you would use this tool to find the point that your branch was created from your main branch and then use git diff
to find the files changed between those revisions.
$ npm install git-common-ancestor --save-dev
var gitCommonAncestor = require('git-common-ancestor');
var sha = '70d708aacad0dcc40346cb15fd05ddb14e8e5f29';
gitCommonAncestor.ofShaAndBranch(sha, 'master')
.then(function(branchPoint) {
assert.strictEqual(branchPoint, '0b256cbf19f306e4fc4090b0b4bec096d1bfd5eb')
});
Calls ofShaAndBranch
passing in the current sha and diffing against the given branch.
var gitCommonAncestor = require('git-common-ancestor');
gitCommonAncestor.fromBranch('master')
.then(function(branchPoint) {
// Where the current sha branched from master
})
> git-common-ancestor --branch master
a061416bb6307cd69f155e6a2ebffe75a5be2624
> git-common-ancestor --sha 92ce1d5 --branch master
f7d7655f237486d52e8b71a8bb701e63121bec9b
FAQs
Get the common ancestor of a sha and a branch
The npm package git-common-ancestor receives a total of 0 weekly downloads. As such, git-common-ancestor popularity was classified as not popular.
We found that git-common-ancestor demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.