Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
link-parent-bin
Advanced tools
Readme
Link the bins of parent (dev) dependencies to the child packages in a multi-package lerna-like project. Stuff just works as expected.
NOTE: This package is no longer needed and thus deprecated. Since recent NPM releases, any parent directory's "node_modules/.bin" is automatically added to the PATH when using npm run
.
Let's say your repo looks like this:
root/
package.json
packages/
package-1/
package.json
package-2/
package.json
Well... you're probably managing your devDependencies
at root level only. For example: you have one mocha
installed at root with npm i -D mocha
.
Now if you add an npm script in package-1/package.json
:
"scripts": {
"test": "mocha"
}
And run:
$ npm run test
> package-1@0.0.1 test /package-1
> mocha
'mocha' is not recognized as an internal or external command
npm ERR!
...thats not so nice. You're basically forced to run all npm scripts from the root level. But after running link-parent-bin
:
$ npm run test
> package-1@0.0.1 test /package-1
> mocha
linked from parent...
√ and it worked!
Install the package in the root of your multiple packages repository.
npm i -D link-parent-bin
Add the following npm script in your root package.json
:
"scripts": {
"link-parent-bin": "link-parent-bin"
}
Run it with npm run link-parent-bin
.
npm run link-parent-bin
[INFO] ParentBinLinker - Linking dependencies ["mocha"] under children ["package-1", "package-2"]
And your done.
Since you're probably not releasing your parent module anyway, it might be better to add the linking to the post-install step:
"scripts": {
"postinstall": "link-parent-bin"
}
-or if you're using lerna
"scripts": {
"postinstall": "lerna bootstrap && link-parent-bin"
}
This way, other developers don't have to run this script manually.
$ node_modules/.bin/link-parent-bin --help
Usage: link-parent-bin [options]
Options:
-V, --version output the version number
-c, --child-directory-root <child-directory> The directory that hosts the child packages relative to the parent root. (default: "packages")
-d, --link-dev-dependencies <true|false> Enables linking of parents `devDependencies`. Defaults to: true (default: true)
-s, --link-dependencies <true|false> Enables linking of parents `dependencies`. Defaults to: false (default: false)
-o, --link-local-dependencies <true|false> Enables linking of parents `localDependencies`. Defaults to: false (default: false)
-l, --log-level <debug|info|error|off> Set the log level (default: "info")
--filter <pattern> Specify a [minimatch](https://www.npmjs.com/package/minimatch) glob pattern to specify which child packages under the child packages directory should receive symlinks. (default: "*")
-h, --help display help for command
const { ParentBinLinker } = require('link-parent-bin');
const linker = new ParentBinLinker({ childDirectoryRoot: 'packages', linkDevDependencies: true, linkDependencies: false, linkLocalDependencies: false });
linker.linkBinsToChildren()
.then(() => console.log('done'))
.catch(err => console.error('Error Linking packages', err));
Type declaration files are included for the TypeScript developers out there.
FAQs
[![Mutation testing badge](https://img.shields.io/endpoint?style=flat&url=https%3A%2F%2Fbadge-api.stryker-mutator.io%2Fgithub.com%2Fnicojs%2Fnode-link-parent-bin%2Fmaster)](https://dashboard.stryker-mutator.io/reports/github.com/nicojs/node-link-parent-bi
The npm package link-parent-bin receives a total of 2,471 weekly downloads. As such, link-parent-bin popularity was classified as popular.
We found that link-parent-bin demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.