Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
grep-components
Advanced tools
Komponentbibliotek for Grep. Brukes i Læreplanutvikleren og Grepadmin.
npm i grep-components
cjs
and es
module formatsPushing to master
or any feature-branch (feature/some-feature
) will automatically run the release-workflow. This will build the package, analyze the commits to determine next version number and publish the new version to NPM and Github. Current and previous runs can be seen here.
Semantic-release will determine the next version number by looking at the commit message prefix:
Prefix | Release type | Example commit message |
---|---|---|
'BREAKING CHANGE: ' in commit message footer | Major release | revert: Reverting some changes BREAKING CHANGE: this revert will break something |
feat | Minor release | feat: Some minor changes |
fix, perf, revert, refactor, build/chore(deps*) | Patch release | fix: Some fixes |
If a commit contains none of these, then no release will be created / published.
The release-workflow can also be manually triggered from here, but will still only release if there is a commit with a valid prefix.
feature/
to be included in the release-workflow. Example: feature/some-feature
feature/
part, as a dist-tag in NPM. Example: feature/some-feature
on version 0.18.0 will become 0.18.0-some-feature.1
and can be installed by running npm i grep-components@some-feature
FAQs
Grep komponentbibliotek
The npm package grep-components receives a total of 112 weekly downloads. As such, grep-components popularity was classified as not popular.
We found that grep-components demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.