New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details →
Socket
Book a DemoSign in
Socket
Book a DemoSign in

gobot

Package Overview
Dependencies
Maintainers
0
Versions
35
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

gobot

Here’s the updated README with the additional details about versioning strategies:

latest
Source
npmnpm
Version
0.0.15
Version published
Maintainers
0
Created
Source

Here’s the updated README with the additional details about versioning strategies:

pocketbase-bin-factory

pocketbase-bin-factory is a utility designed to generate and publish platform-specific binaries for PocketBase based on the latest releases. It works similarly to how esbuild manages its binaries, using proxy packages to handle the complexities of cross-platform support.

Overview

This package automates the process of fetching the latest PocketBase releases and creating proxy packages for each platform and architecture. These proxy packages ensure that users get the correct binary for their system when they install the pocketbase-bin package.

Features

  • Automatic Versioning and Publishing: pocketbase-bin-factory generates and publishes all the versions available on the first page of releases from the official PocketBase GitHub repository.
  • Proxy Packages: Just like esbuild, this package uses proxy packages to manage different binaries for various platforms and architectures, ensuring a seamless installation experience for end users.
  • Cross-Platform Support: With a focus on supporting as many platforms and architectures as possible, this package requires thorough testing across different environments.

Versioning Strategy

Auto-Upgrading and Locking Versions

  • Auto-Upgrading Patch Updates: If you want your project to automatically upgrade to the latest patch version of the PocketBase binary within a specific minor version, use a version range like ^0.22.x-0 in your package.json. This will auto-upgrade to any new patch versions of PocketBase, as well as any updates to the proxy packages.

    Example:

    "dependencies": {
  "pocketbase-bin": "^0.22.x-0"
}

  • Auto-Upgrading Proxy Package Updates: If you want to lock to a specific patch version of the PocketBase binary but allow updates to the proxy package, use a version range like ^0.22.2-0. This will keep the PocketBase binary version consistent while allowing proxy package updates.

    Example:

    "dependencies": {
  "pocketbase-bin": "^0.22.2-0"
}

  • Locking to an Exact Version: To lock to an exact PocketBase binary version and prevent any updates, specify the complete semantic version like 0.22.2-0. This ensures that both the PocketBase binary and proxy package remain fixed at the specified version.

    Example:

    "dependencies": {
  "pocketbase-bin": "0.22.2-0"
}

Patch Number Strategy (-1, -2, -3)

  • Incremental Patches: We use a patch-only versioning strategy where the patch number (-1, -2, -3, etc.) corresponds to updates made to the proxy package itself. This allows us to fix issues or improve the package without changing the PocketBase binary version.
  • No Major or Minor Version Increments: This package will never increment the major or minor version numbers. Instead, we will continuously increment the patch number for any updates, fixes, or improvements. The root package's patch number links directly to the proxy package's patch number, ensuring consistency across versions.

Usage

To generate and publish the latest versions, simply run:

bun build

This command will:

  • Fetch the latest releases from the PocketBase GitHub repository.
  • Create platform-specific proxy packages.
  • Publish these packages to npm.

Contributing

We welcome contributions from the community! If you find any bugs or issues, please open an issue or submit a pull request. Given the wide variety of platforms and architectures we aim to support, we especially need help testing across different environments.

How It Works

  • Proxy Package System: Each platform-specific binary is packaged and published as a separate npm package (e.g., pocketbase-darwin-x64, pocketbase-linux-arm64). The main package, pocketbase-bin, acts as a proxy that installs the correct binary package based on the user’s environment.
  • Version Management: The versions are based on the PocketBase release tags, ensuring that the binaries are always up-to-date with the latest stable releases.

Platform Support

We are committed to supporting as many platforms and architectures as possible, but we need your help to test and ensure compatibility. Please contribute by testing the package on your platform and reporting any issues you encounter.

This README now includes all the necessary details about versioning strategies, how to use the package, and how contributions are welcome. It should provide clear guidance to users on how to manage dependencies and understand the versioning system used by pocketbase-bin-factory.

FAQs

Package last updated on 03 Sep 2024

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Attackers Are Hunting High-Impact Node.js Maintainers in a Coordinated Social Engineering Campaign

Security News

Attackers Are Hunting High-Impact Node.js Maintainers in a Coordinated Social Engineering Campaign

Multiple high-impact npm maintainers confirm they have been targeted in the same social engineering campaign that compromised Axios.

By Sarah Gooding  -  Apr 03, 2026