Research
npm Malware Targets Telegram Bot Developers with Persistent SSH Backdoors
Malicious npm packages posing as Telegram bot libraries install SSH backdoors and exfiltrate data from Linux developer machines.
By Kush Pandya - Apr 18, 2025
You're Invited: Meet the Socket team at BSidesSF and RSAC - April 27 - May 1.RSVP →
gulp-bower
Advanced tools
gulp-bower
Deprecated. Please use Browserify, Rollup or Webpack
This task is designed for gulp 3+.
Install
$ npm install --save-dev gulp-bower
Usage
Install packages into the bower_components directory from bower.json dependencies:
var gulp = require('gulp');
var bower = require('gulp-bower');
gulp.task('bower', function() {
return bower();
});
Examples
- To install packages into a custom directory, pass the
directoryoption:
var gulp = require('gulp');
var bower = require('gulp-bower');
gulp.task('bower', function() {
return bower({ directory: './vendor' })
});
- To set the current working directory, pass the
cwdoption:
var gulp = require('gulp');
var bower = require('gulp-bower');
gulp.task('bower', function() {
return bower({ directory: './vendor', cwd: './client' })
});
- By default gulp-bower runs 'install' command for Bower. Using cmd property, you can specify the custom command (e.g. update):
var gulp = require('gulp');
var bower = require('gulp-bower');
gulp.task('bower', function() {
return bower({ cmd: 'update' });
});
API
bower(opts)
- opts.directory -
stringInstall directory. Default: taken from.bowerrcconfig orbower_components - opts.cwd -
stringCurrent working directory. Default:process.cwd() - opts.cmd -
stringbower command. Default:install - opts.interactive -
booleanEnable prompting on version conflicts. Default:false - opts.verbosity -
numberSet verbosity level. Default:2- 0 - No output
- 1 - Error output
- 2 - Info
Changelog
#####0.0.14
- Drop dependency on deprecated
gulp-util. (by TheDancingCode)
#####0.0.13
- Added verbosity options, prompting, .bowerrc handling, tests and CI. (by Crevil)
#####0.0.12
- Fixed command passing to also handle nested commands (by mechanoid)
#####0.0.11
- Fixed dependencies (by serbrech)
#####0.0.10
- Fixed #28
#####0.0.9
- Fixed #19
- Fixed undefined cwd bug
#####0.0.8
- Fixed dependencies versions (by Karl-Gustav)
- Fixed cwd bug (by mlegenhausen)
#####0.0.7
- Added commands support (by Keksinautin)
#####0.0.6
- Added ability to pass in an initialization object that allows a cwd to be specified (by cb1kenobi)
#####0.0.5
- Emits "end", so the consumer knows when bower is done installing (by agzam)
#####0.0.4
- fixed custom bower directory bug
#####0.0.3
- add logging (by squarejaw)
#####0.0.2
- parse .bowerrc for the bower install directory or allow the user to specify the directory (by eboskma)
#####0.0.1
- initial release
Keywords
FAQs
Install Bower packages.
We found that gulp-bower demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 17 Apr 2019
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Python Tools Are Quickly Adopting the New pylock.toml Standard
pip, PDM, pip-audit, and the packaging library are already adding support for Python’s new lock file format.
By Sarah Gooding - Apr 18, 2025
Product
Go Support Is Now Generally Available
Socket's Go support is now generally available, bringing automatic scanning and deep code analysis to all users with Go projects.
By Peter van der Zee, Ryan Eberhardt - Apr 17, 2025