
libgrabber
libgrabber is a bot that runs on jsDelivr's servers to auto-update projects. There are three simple steps to enable auto-updating:
If you are a developer and want to contribute to our bot's code, we also include instructions (Running your own libgrabber bot) for running the bot locally.
Please upload only minified files on jsDelivr. Smaller files help users load websites faster. Minified files also help us with hosting and promote good practices. If you need to upload images, see if extra compression can make your images smaller. SVG optimizers may also help with SVG files from Inkscape and Illustrator.
update.json schema

libgrabber looks for update.json at the root of each project folder. This file tells libgrabber where to check for project updates and which files it should copy to jsDelivr. You add update.json using these steps:

info.ini file using jsDelivr's file structure.
update.json using this format:

{
  "packageManager": "<github|npm|bower>",
  "name": "<package-name>",
  "repo": "<user>/<repo>",
  "files": {
    "basePath": "<dir>",
    "include": ["<glob-string-1>", "<glob-string-2>"],
    "exclude": ["<glob-string-3>"]
  }
}

packageManager (required) (github, npm or bower) - declares which package manager libgrabber watches for new versions
name (required) - refers to the package name on npm or Bower, or the repo name when GitHub is used
repo (optional when npm or bower is used) - GitHub repository (for example jsdelivr/libgrabber)
files/basePath (optional) - base directory from which files are copied (for example dist/). Defaults to / (relative to the root directory of the unpacked project package).
files/include (optional) - array that specifies the files and dirs that will be copied from the project package. Accepts one or more glob strings. Defaults to **/*, meaning all files and directories. Useful examples:
main.min.js - copies the main.min.js file in the base dir
*.js - copies JavaScript files found in the base dir
**/*.js - copies JavaScript files found in the base directory and recursively in all its subdirectories. Directory structure will be retained.
dist/*.js - copies JavaScript files from the dist dir. Directory structure will not be retained (e.g. the dist dir will be stripped when copied). To retain directory structure, prepend the glob with ./ e.g. ./vendors/*.js
files/exclude (optional) - array that specifies the files and dirs that will be excluded. Format is the same as files/include.

Libgrabber glob functionality is based on node-glob; for more information and examples, please see its documentation.

package.json data, requiring hand editing and manual uploading.

The following example excludes non-minified resources:

{
  "packageManager": "github",
  "name": "bootstrap",
  "repo": "twbs/bootstrap",
  "files": {
    "basePath": "dist/",
    "exclude": ["css/bootstrap.css", "css/bootstrap.css.map", "css/bootstrap-theme.css", "css/bootstrap-theme.css.map", "js/bootstrap.js"]
  }
}

{
  "packageManager": "github",
  "name": "humane.js",
  "repo": "wavded/humane-js",
  "files": {
    "include": ["humane.min.js", "humane.js", "./themes/**/*"]
  }
}

{
  "packageManager": "npm",
  "name": "lodash",
  "repo": "lodash/lodash",
  "files": {
    "basePath": "dist/"
  }
}

{
  "packageManager": "github",
  "name": "jquery.midnight",
  "repo": "Aerolab/midnight.js",
  "files": {
    "include": ["midnight.jquery.min.js"]
  }
}

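
An added example, not part of libgrabber's own code: a small validator that checks an update.json object against the fields documented above and applies the documented defaults before a file is submitted. The function names, the empty default for files/exclude and the rejection of ".." path segments are assumptions made for this example.

```javascript
const PACKAGE_MANAGERS = ["github", "npm", "bower"];
const REPO_RE = /^[^/\s]+\/[^/\s]+$/; // <user>/<repo>

// True when a path or glob contains a ".." segment (extra hardening check, an assumption).
function hasParentSegment(pattern) {
  return pattern.replace(/\\/g, "/").split("/").includes("..");
}

function validateUpdateJson(cfg) {
  const errors = [];
  if (!PACKAGE_MANAGERS.includes(cfg.packageManager)) {
    errors.push("packageManager must be github, npm or bower");
  }
  if (typeof cfg.name !== "string" || cfg.name === "") {
    errors.push("name is required");
  }
  // repo is optional only when npm or bower is used.
  if (cfg.repo === undefined) {
    if (cfg.packageManager === "github") errors.push("repo is required for github");
  } else if (typeof cfg.repo !== "string" || !REPO_RE.test(cfg.repo)) {
    errors.push("repo must look like <user>/<repo>");
  }
  // Documented defaults: basePath "/" and include ["**/*"]; exclude [] is assumed.
  const f = cfg.files || {};
  const files = {
    basePath: f.basePath === undefined ? "/" : f.basePath,
    include: f.include === undefined ? ["**/*"] : f.include,
    exclude: f.exclude === undefined ? [] : f.exclude,
  };
  if (typeof files.basePath !== "string" || hasParentSegment(files.basePath)) {
    errors.push("files.basePath must be a path inside the package");
  }
  for (const key of ["include", "exclude"]) {
    const globs = files[key];
    if (!Array.isArray(globs) || !globs.every((g) => typeof g === "string")) {
      errors.push(`files.${key} must be an array of glob strings`);
    } else if (globs.some(hasParentSegment)) {
      errors.push(`files.${key} must not contain ".." segments`);
    }
  }
  return { ok: errors.length === 0, errors, files };
}

// The lodash example from this page.
const lodash = { packageManager: "npm", name: "lodash", repo: "lodash/lodash", files: { basePath: "dist/" } };
// Constructed invalid input: no repo for github, basePath leaves the package, include is not an array.
const bad = { packageManager: "github", name: "demo", files: { basePath: "../..", include: "*.js" } };
console.log(validateUpdateJson(lodash).ok, validateUpdateJson(bad).errors);
```
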
When libgrabber detects a release with a new SemVer compliant tag, it will automatically update the repo on jsDelivr. The packageManager value you chose in update.json determines where you need to update your actual package.

You can use the GitHub web GUI, or from CLI use git-tag to post a new release.

Use npm publish.

Bower has its own system to register packages, though the package file needs a git host. If GitHub is used, follow the instructions above to let Bower know your package is updated.
It is not required for you to run the bot yourself to update your own project. These instructions are for you to run libgrabber locally for testing.
$ git remote add upstream git@github.com:jsdelivr/jsdelivr.git

{
  "github-access-token": "<secret>",
  "pull-request-repo": "https://github.com/jsdelivr/jsdelivr",
  "origin-repo": "<forked-repo-https-endpoint>",
  "mention-repo-owner": false,
  "papertrail-url": "<optional>",
  "papertrail-hostname": "<optional>"
}

# --jsdelivr-path <path to the cloned forked repo>
# --config <path to the above-mentioned config file>
# --project <name of project to update; if absent, libgrabber will default to updating all projects>
$ libgrabber --jsdelivr-path jsdelivr/ --config jsdelivr/libgrabber.config.json --project projectName

FAQs
Automatically updates hosted projects on jsDelivr CDN.
The npm package libgrabber receives a total of 4 weekly downloads. As such, libgrabber popularity was classified as not popular.
We found that libgrabber demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.