Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
ng-lib-schematics
Advanced tools
Create Angular libraries in no time using Schematics. Think of ng generate component
, but for libraries.
node_modules
is yet available.npm i -g ng-lib-schematics
npm i -g @angular-devkit/core @angular-devkit/schematics-cli
This schematic will generate the library inside of an existing Angular project. If you already have a project in which you want to include your library then you can skip step 1.
npm i
only once at step 3.ng new <library-name> --skip-install
cd
into your new project and run the schematics inside:schematics ng-lib-schematics:lib-standalone --name <library-name>
npm i
app.module.ts
. Your library is now just another module of your app:import { SampleModule } from '../lib';
...
imports: [ BrowserModule, SampleModule ]
app.component.html
and add the sample component:<sample-component></sample-component>
. It should render this:Note: Make sure you run the schematics in dry run mode first to know upfront what this thing will do to your project. Once you get comfortable with all the changes you can run the schematics again without dry run. To dry run the schematic simply append the --dry-run
flag to the command in step 2.
npm run build:lib
cd dist
npm publish
Important:
build:lib
in your project, then you'll have to manually run gulp --gulpfile gulpfile.lib.js
to build the library.It's important that you know what this schematic will do and how your project will look like after applying it:
src/lib
.src/lib/src
. You can safely change the names of the existing files inside this folder and go nuts building your library.src/lib/build-tools
along with all the build utils.gulpfile.lib.js
will be created at the root of the project. It will simple import the main gulpfile located at src/lib/src/build-tools/gulpfile.js
.devDependencies
. These are needed to build your library at the release stage.scripts
object inside your main package.json
file:
a. "build:lib": "gulp --gulpfile gulpfile.lib.js"
: Script to build the release artifacts of your library.
b. "version": "sync-json -v --property version --source package.json src/lib/package.json"
: Version hook to sync versions between your root package.json
and src/lib/package.json
. This will allow you to run npm version <type>
at the root of your project and still have your library version up to date.Thanks for even thinking about contributing. Open up issues or PRs and we'll discuss about it.
npm i
npm run watch
. This will output the schematic package to dist and watch for changes.cd
into dist
and run npm link
. At this point, ng-lib-schematics
is symlinked to your global node_modules.
ng new lib-test
schematics ng-lib-schematics:lib-standalone --name <library-name>
Find below some of the libraries built on top of these schematics:
I took a bunch of ideas from the Yeoman's Angular library generator by Jurgen Van de Moere. Feel free to use whatever works best for you, both Schematics and Yeoman will get you to the same exact point.
MIT
FAQs
Angular schematics to easily create Angular libraries
The npm package ng-lib-schematics receives a total of 5 weekly downloads. As such, ng-lib-schematics popularity was classified as not popular.
We found that ng-lib-schematics demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.