Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
grunt-rev-json
Advanced tools
Readme
Digest files and output rev for each file in a json.
npm install grunt-rev-json --save
Once the plugin has been installed, it may be enabled inside your Gruntfile with this line of JavaScript:
grunt.loadNpmTasks('grunt-rev-json');
In your project's Gruntfile, add a section named rev_json
to the data object passed into grunt.initConfig()
.
grunt.initConfig({
rev_json: {
options: {
// algorithm used to digest
// crc32c and all crypto.createHash supported algorithms
algorithm: 'crc32c'
// encoding of digest
// base64, hex
encoding: 'base64',
// use url safe base64, only works when encoding is base64
urlSafe: true,
// prefix length of encoded digest, pass 0 or -1 to use complete digest
length: 8
},
your_target: {
src: ['public/**/*.{js,css}']
dest: 'rev.json'
},
},
});
$ pwd
/Users/xiaoyi/Projects/public
$ tree
.
├── scripts
│ ├── desktop.js
│ ├── error.js
│ └── moment.js
└── styles
├── desktop.css
└── mobile.css
grunt.initConfig({
rev_json: {
options: {
algorithm: 'sha224',
length: -1
},
static: {
src: ['public/**/*.{js,css}'],
dest: 'public/rev.json'
}
}
});
{
"scripts/desktop.js": "eSgRA3v4XUcOM66neA7Y2ZfMOX5w0hNWVfuHpQ",
"scripts/error.js": "ZQIiKlJ0_Nj0F8-hi1mnYccZ61rJ5n426vgVBw",
"scripts/mobile.js": "QxB9zfm1PyhYKFMBiqXh9ox8fmCcNmwXWkTRFg",
"styles/desktop.css": "xjrIkYLwmiL6tTMduEjtziR3cr3bJkxyHZ3wQw",
"styles/mobile.css": "YcJ2rs1SI7kbcjgnVO8K0Bf1moFVLwmbPHrVaw"
}
Output JSON will use src path (relative to output file location) as key, and digest as value.
FAQs
Grunt task to digest files and output rev for each file in a json.
The npm package grunt-rev-json receives a total of 1 weekly downloads. As such, grunt-rev-json popularity was classified as not popular.
We found that grunt-rev-json demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.