Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
gushio
Advanced tools
Readme
Like bash scripts, but in JavaScript
Gushio* is built on top of battle-tested libraries like commander and
shelljs and allows you to write a multiplatform shell script in a single
JavaScript file without having to worry about package.json
and dependencies installation.
* Gushio is pronounced like the italian word "guscio" (IPA: /'guʃʃo/) which means "shell".
You can find some examples of Gushio scripts here. You can even try to run them directly with:
gushio https://github.com/Forge-Srl/gushio/raw/main/examples/<SCRIPT_FILENAME>
Install with npm:
npm install -g gushio
The documentation of Gushio is available here.
We don't claim that Gushio is the perfect solution for everyone. However, we believe that in some circumstances you should give it a try:
gushio
different from zx
?There are two main differences between zx
and gushio
:
zx
and gushio
use ESM, but gushio
allows the scripts to be written in both ESM and CJS.zx
doesn't provide a way to use NPM libraries in the scripts.Apart from that, there are some other minor differences in the functionalities provided out of the box. For example,
zx
uses chalk
and globby
while
gushio
uses ansi-colors
and glob
.
We think they are both fantastic tools, and we encourage folks to use zx
instead of gushio
if it makes sense for
their use-case.
See the LICENSE file for license rights and limitations (MIT).
FAQs
Like bash scripts, but in JavaScript
The npm package gushio receives a total of 0 weekly downloads. As such, gushio popularity was classified as not popular.
We found that gushio demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.