Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
load-grunt-tasks
Advanced tools
The load-grunt-tasks npm package is designed to simplify the process of loading multiple grunt tasks into a Gruntfile. It automatically loads all grunt tasks specified in the package.json file, reducing the need for repetitive code and making the Gruntfile cleaner and easier to maintain.
Automatic Task Loading
This feature allows you to automatically load all grunt tasks specified in your package.json file. By requiring 'load-grunt-tasks' and passing the grunt instance to it, you eliminate the need to manually load each task.
module.exports = function(grunt) {
require('load-grunt-tasks')(grunt);
grunt.initConfig({
// Your configuration here
});
};
Custom Task Pattern
This feature allows you to specify custom patterns for loading tasks. By providing a pattern array, you can control which tasks are loaded, including scoped packages.
module.exports = function(grunt) {
require('load-grunt-tasks')(grunt, { pattern: ['grunt-*', '@*/grunt-*'] });
grunt.initConfig({
// Your configuration here
});
};
Custom Configurations
This feature allows you to customize the configuration file and scope from which tasks are loaded. You can specify a different configuration file and limit the scope to dependencies, devDependencies, or peerDependencies.
module.exports = function(grunt) {
require('load-grunt-ttasks')(grunt, { config: 'package.json', scope: 'devDependencies' });
grunt.initConfig({
// Your configuration here
});
};
jit-grunt is a package that loads grunt tasks just-in-time, meaning it only loads the tasks that are needed for the current grunt task being run. This can improve performance by reducing the initial load time compared to load-grunt-tasks, which loads all tasks upfront.
time-grunt is a package that helps you measure the time taken by each grunt task. While it doesn't load tasks like load-grunt-tasks, it complements it by providing insights into task performance, helping you optimize your build process.
Load multiple grunt tasks using globbing patterns
Usually you would have to load each task one by one, which is unnecessarily cumbersome.
This module will read the dependencies
/devDependencies
/peerDependencies
/optionalDependencies
in your package.json and load grunt tasks that match the provided patterns.
grunt.loadNpmTasks('grunt-shell');
grunt.loadNpmTasks('grunt-sass');
grunt.loadNpmTasks('grunt-recess');
grunt.loadNpmTasks('grunt-sizediff');
grunt.loadNpmTasks('grunt-svgmin');
grunt.loadNpmTasks('grunt-styl');
grunt.loadNpmTasks('grunt-php');
grunt.loadNpmTasks('grunt-eslint');
grunt.loadNpmTasks('grunt-concurrent');
grunt.loadNpmTasks('grunt-bower-requirejs');
require('load-grunt-tasks')(grunt);
$ npm install --save-dev load-grunt-tasks
// Gruntfile.js
module.exports = grunt => {
// Load all grunt tasks matching the ['grunt-*', '@*/grunt-*'] patterns
require('load-grunt-tasks')(grunt);
grunt.initConfig({});
grunt.registerTask('default', []);
};
require('load-grunt-tasks')(grunt);
Equivalent to:
require('load-grunt-tasks')(grunt, {pattern: ['grunt-*', '@*/grunt-*']});
require('load-grunt-tasks')(grunt, {pattern: 'grunt-contrib-*'});
require('load-grunt-tasks')(grunt, {pattern: ['grunt-contrib-*', 'grunt-shell']});
You can exclude tasks using the negate !
globbing pattern:
require('load-grunt-tasks')(grunt, {pattern: ['grunt-contrib-*', '!grunt-contrib-coffee']});
require('load-grunt-tasks')(grunt, {config: '../package'});
devDependencies
require('load-grunt-tasks')(grunt, {scope: 'devDependencies'});
devDependencies
and dependencies
require('load-grunt-tasks')(grunt, {scope: ['devDependencies', 'dependencies']});
require('load-grunt-tasks')(grunt, {
pattern: 'grunt-contrib-*',
config: '../package.json',
scope: 'devDependencies',
requireResolution: true
});
Type: string | string[]
Default: ['grunt-*', '@*/grunt-*']
(Glob pattern)
Type: string | object
Default: Path to nearest package.json
Type: string | string[]
Default: ['dependencies', 'devDependencies', 'peerDependencies', 'optionalDependencies']
Values: 'dependencies'
, 'devDependencies'
, 'peerDependencies'
, 'optionalDependencies'
, 'bundledDependencies'
Type: boolean
Default: false
Traverse up the file hierarchy looking for dependencies like require()
, rather than the default grunt-like behavior of loading tasks only in the immediate node_modules
directory.
FAQs
Load multiple grunt tasks using globbing patterns
The npm package load-grunt-tasks receives a total of 124,051 weekly downloads. As such, load-grunt-tasks popularity was classified as popular.
We found that load-grunt-tasks demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.