Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
lerna-script
Advanced tools
For usage scenarios documentation please see root of repo;
lerna-script
exports a cli script:
lerna-script [options] <task>
where options:
info
;task:
lerna.js
file.Returns list of packages/modules in repo - forward to lerna;
Parameters:
npmlog
logger;Returns Package of root module.
Parameters:
npmlog
logger;Executed provided command for all lernaPackages
in a serial fashion. taskFn
can be either sync task or return a Promise
.
Parameters:
changes.build
;(lernaPackage, log) => Promise
.Returns promise with task results.
Executed provided command for all lernaPackages
in a parallel fashion(Promise.all
). taskFn
can be either sync task
or return a Promise
.
Parameters:
changes.build
;(lernaPackage, log) => Promise
.Returns promise with task results.
Executed provided command for all lernaPackages
in a batched fashion respecting dependency graph. taskFn
can be either
sync task or return a Promise
.
Parameters:
changes.build
;(lernaPackage, log) => Promise
.Returns promise without results (undefined).
Executes given command for a package and returns collected stdout
.
Note that command
is a single command, meaning rm -f zzz
and not ex. rm -f zzz && mkdir zzz
. It's just for convenience
you can provide command and args as a single string.
Argument list #1:
Argument list #2:
rootPackage()
or packages()
;true
;Returns:
Executes given npm script for a package and returns collected stdout
.
Argument list #1:
Argument list #2:
rootPackage()
or packages()
;true
;Returns:
Marks package as built.
Parameters:
npmlog
logger;Marks package as unbuilt.
Parameters:
npmlog
logger;Returns true if package is build and false otherwise.
Parameters:
Filters-out packages that have been marked as built changes.build
and were not changed since. Note that it filters-out also dependent packages, so if:
Then it will return only c
as b
has changed and a
depends on b
, so it needs to be rebuilt/retested/re...
Parameters:
npmlog
logger;Note: this filter mutates built/unbuild state, meaning that it unbuilds dependents to get reproducible runs.
Filters-out packages that have did not change since refspec
- ex. master, brach, tag.
Parameters:
npmlog
logger;refspec
= master, branchname, tag...Filters-out packages by provided glob pattern.
Parameters:
npmlog
logger;Returns a list of packages tgat includes dependencies of filteredPackages
that are in lernaPackages
.
Parameters:
npmlog
logger;lernaPackages
.Reads a file as string by default or accepts a custom converter.
Parameters:
lernaPackage
root.JSON.parse
Writes string/buffer to file, accepts custom formatter.
Automatically detects and formats object.
Parameters:
lernaPackage
root.FAQs
lerna extension for custom scripts
The npm package lerna-script receives a total of 1,369 weekly downloads. As such, lerna-script popularity was classified as popular.
We found that lerna-script demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.