Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
gulp-clean
Advanced tools
Deprecated in favor of https://github.com/gulpjs/gulp/blob/master/docs/recipes/delete-files-folder.md
Removes files and folders.
Install with npm.
npm install --save-dev gulp-clean
var gulp = require('gulp');
var clean = require('gulp-clean');
gulp.task('default', function () {
return gulp.src('app/tmp', {read: false})
.pipe(clean());
});
Option read:false prevents gulp from reading the contents of the file and makes this task a lot faster. If you need the file and its contents after cleaning in the same stream, do not set the read option to false.
var gulp = require('gulp');
var clean = require('gulp-clean');
gulp.task('default', function () {
return gulp.src('app/tmp/index.js')
.pipe(clean({force: true}))
.pipe(gulp.dest('dist'));
});
Clean as a dependency:
var gulp = require('gulp');
var clean = require('gulp-clean');
gulp.task('clean-scripts', function () {
return gulp.src('app/tmp/*.js', {read: false})
.pipe(clean());
});
gulp.task('scripts', ['clean-scripts'], function () {
gulp.src('app/scripts/*.js')
.pipe(gulp.dest('app/tmp'));
});
gulp.task('default', ['scripts']);
Make sure to return the stream so that gulp knows the clean task is asynchronous and waits for it to terminate before starting the dependent one.
MIT @ Peter Vilja
FAQs
A gulp plugin for removing files and folders.
We found that gulp-clean demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.