Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
gitbook-commander
Advanced tools
npm scripts friendly CLI for GitBook that installs nothing on your system and makes use of peerDependencies
An alternative lightweight CLI for the awesome GitBook documentation generator that, unlike the official CLI, doesn't assume it is installed globally (and, to the contrary, is built specifically for being used in npm scripts) and does not install anything on its own behalf.
$ npm install --save-dev gitbook
$ npm install --save-dev gitbook-commander
After that, the gitbook-local
command will be available for you to use from
npm scripts in package.json
or via npx.
For example, you may add this or something similar to your package.json
:
{
"scripts": {
"build-docs": "gitbook-local build"
}
}
and run
$ npm run build-docs
to build your documentation. GitBook stays isolated inside your node_modules
🎉
Issues and PRs are welcome if you spot anything worth fixing! ❤️
This project uses Conventional Commits and the JavaScript code style
covered by its own ESLint config (no textual description, sorry 😔, just
follow the surrounding code and run the linter via npm run lint
or as a part
of the general testing process via npm test
).
Please adhere to the Code of Conduct for all the interaction in this repo.
MIT
FAQs
npm scripts friendly CLI for GitBook that installs nothing on your system and makes use of peerDependencies
We found that gitbook-commander demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.