Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
ideal-tools
Advanced tools
Readme
ideal is a collection of pre-existing tools for generating client assets, wrapped up in an easy to use CLI. It currently supports TypeScript
and SASS
. The tools used are as follows:
Install with npm:
npm install --save-dev ideal-tools
Install with yarn:
yarn add --dev ideal-tools
TypeScript v3.8 is a peerDependency
of ideal, so ensure you have it setup with a root tsconfig.json
and installed as a dependency of your project.
There are currently two "tasks" provided, build:css
and build:js
. ideal uses a glob path to target files, and outputs, by default, in a relative directory: ./dist
. This can be configured with a contextual config file, outlined below.
Try it out:
$ ideal build:js ./src/*.ts
$ ideal build:css ./src/*.scss
You can configure each build task via CLI arguments, or with an ideal.config.js
file, located relative to where ideal is being run from.
Arguments are passed to ideal via the following pattern: --{key}={value}
. Where arguments are boolean
, no value is required and their presence consistutes true
.
See below for full list of configurable options:
Key | Value | Default | About |
---|---|---|---|
--outputPath | Path | ./dist | A relative path to where you would like files to be written |
--release | N/A | false | Determine whether files are built for development or production |
--sourceMap | N/A | false | Output source maps to built assets |
--cssModules | N/A | false | Hash class names and build a json map file |
--watch | N/A | false | Watch files for changes |
--watchPath | N/A | null | Path to where source files are being watched |
--verbose | N/A | false | Output more info in the console |
--pathAlias | Path | ./src | Define a path alias for webpack |
--filePrefix | String | null | Prepend this value to built assets, useful for versioning |
The structure of the ideal.config.js
file can be seen below. Each top level property key matches a particular build task, e.g build:css
.
module.exports = {
'build:css': {
cssModules: true,
watchPath: './src/**/*.scss',
...
},
'build:js': {
watchPath: './src/**/*.ts,
...
}
};
This is then picked up at runtime by ideal. Each set of properties match their CLI equivelants, in value and casing.
ideal allows you to manually specify a webpack.config.js
file in the root directory of where ideal is being run from. If this file is found, these values will be used, if not a default config will be used instead.
ideal creates an assets.json
file in the output directory (./dist
by default), that keeps a record of all assets built so far. Each subsequent run of ideal appends each file name as a property with the hashed or real file name as a value. Each build overides previous asset names or declares new ones that don't yet exist. This file is intended to be ephermeral, e.g when running a production build with --release
, this file should not exist in the output path. Equally the assets.json
file should not be commited to your repository. This ensures that the file is an accurate reflection of the built files for the currently provided source.
Once you've cloned this repo and run yarn
, then yarn start
, you can make use of npm link
to simulate how this package will work when installed globally. From there, you can run the following in a directory of your choice to run a build:
$ ideal build:js ./path/to/stuff --watch
FAQs
ideal is a collection of pre-existing tools for generating client assets, wrapped up in an easy to use CLI. It currently supports `TypeScript` and `SASS`. The tools used are as follows:
The npm package ideal-tools receives a total of 1 weekly downloads. As such, ideal-tools popularity was classified as not popular.
We found that ideal-tools demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.