Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
jsrun
Advanced tools
Readme
The npm run-script build system, compatible with gulp.
Does this seems familiar to you?
{
"name": "my-awesome-package",
...
"scripts": {
// My very long lines run-scripts:
"lint": "jshint lib test index.js --reporter node_modules/jshint-stylish/stylish.js --exclude node_modules",
"test": "npm run lint && node test/index.js | tap-spec",
"build": "browserify index.js -d -t babelify | uglifyjs -m -c > bundle.min.js",
"cover": "istanbul cover --report html --print detail ./test/index.js",
"coveralls": "npm run cover && istanbul report lcov && cat coverage/lcov.info | coveralls && rm -rf ./coverage"
}
}
Well, it happened to me. My run-scripts grew longer from time to time. And one day, I just couldn't take it anymore.
Thanks to npm-run, JsRun runs your local bins, just like npm run stuff
.
// jsrunfile.js
var jsrun = require('jsrun');
jsrun.just('lint', [
'jshint', [
'lib test index.js',
['--reporter', 'node_modules/jshint-stylish/stylish.js'],
['--exclude', 'node_modules']
]
]);
// Use task dependencies like we did in gulp
jsrun.just('test', ['lint'], [
'node test/index.js | tap-spec'
]);
var bundleFileName = 'bundle.min.js';
jsrun.just('build', [
// Create as many layers of array as you want
['browserify', [
'index.js',
'-d',
['-t', 'babelify']
]],
// You can use "|" and "&&" in JsRun
'|',
'uglifyjs', [
'-m', '-c',
// Use string variables
['>', bundleFileName]
]
]);
// Just like gulp.task
// You can use callbacks, promises and of course, streams.
jsrun.task('hello', function(cb) {
console.log('Hello');
setTimeout(function() {
console.log('World!');
cb();
}, 500);
});
jsrun.task('default', ['lint', 'test', 'build']);
npm install jsrun -g
With JsRun, you won't need another plugin like grunt-contrib-something
or
gulp-this-and-that
. Your tools always stay updated instead of relying on
plugins. And most importantly, JsRun is always compatible to your tools,
as long as they are command-line scripts.
Sometimes, there might be something you want to comment in your build script,
and it is impossible in the package.json
. And we want variables for filenames
in different scripts, again, impossible for package.json
.
You can always write shell scripts inside JsRun for these tasks. However, if you want to keep these shell commands portable, we recommend using shelljs.
You can use watch mode from your tools if they are available. On the other hand, if it's not available, you can try catw.
JsRun's jsrunfile.js
JsRun is a fork of gulp. We simply took the file-system-related stuff(vinyl-fs) away and put the npm-run task runner inside.
In addition, thanks to the modular source code of gulp, JsRun is made simple and lean. The implementation of JsRun is only about 0.5kloc.
FAQs
The npm run-script build system, compatible with gulp
The npm package jsrun receives a total of 1 weekly downloads. As such, jsrun popularity was classified as not popular.
We found that jsrun demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.