Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
liferay-npm-bundler-plugin-namespace-packages
Advanced tools
A liferay-npm-bundler plugin to namespace package names based on root project's name.
Namespace package names based on the root project's package name and version. This plugin prepends
<project-package-name>$
to each package name appearance in package.json files so that the packages are isolated per project and don't clash.
npm install --save-dev liferay-npm-bundler-plugin-inject-angular-dependencies
Add the following to your .npmbundlerrc
file:
Without options:
{
"*": {
"plugins": ["namespace-packages"]
}
}
This plugins rewrites package names in package.json
files to prepend the root
project's name to them.
In case a module belongs to a scoped package, the root project's name is
prepended to the scope name not including the @
. So, for example,
@a-scope/a-package
would be converted to @my-project$a-scope/a-package
.
This plugin is normally used to sandbox dependencies of a whole project so that they are not shared with any other project. This, of course, disables the possibility of deduplication between different projects, but leads to better stability and predictability during runtime (specially when using peer dependencies).
When this plugin is used you are guaranteed that you will get the same dependencies during runtime as during development.
Please note that, if you intend to use this plugin with liferay-npm-bundler
,
you should also use its counterpart
babel-plugin-namespace-modules
which namespaces modules inside AMD define()
and require()
calls too.
FAQs
A liferay-npm-bundler plugin to namespace package names based on root project's name.
The npm package liferay-npm-bundler-plugin-namespace-packages receives a total of 2,825 weekly downloads. As such, liferay-npm-bundler-plugin-namespace-packages popularity was classified as popular.
We found that liferay-npm-bundler-plugin-namespace-packages demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 14 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.