Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

node-core-utils

Package Overview
Dependencies
Maintainers
7
Versions
70
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

node-core-utils

Utilities for Node.js core collaborators

  • 3.4.1
  • Source
  • npm
  • Socket score

Version published
Weekly downloads
2.8K
increased by25.43%
Maintainers
7
Weekly downloads
 
Created
Source

Node.js Core Utilities

npm Build Status codecov Known Vulnerabilities

CLI tools for Node.js Core collaborators.

Tools

Usage

Install

npm install -g node-core-utils

If you would prefer to build from the source, install and link:

git clone git@github.com:nodejs/node-core-utils.git
cd node-core-utils
npm install
npm link

Setting up GitHub credentials

Most of the tools need your GitHub credentials to work. You can either

  1. Run any of the tools and you will be asked in a prompt to provide your username and password in order to create a personal access token.
  2. Or, create a personal access token yourself on GitHub, then set them up using an editor.

If you prefer option 2, follow these instructions to create the token.

When creating the token, the following boxes need to be checked:

  • user:email: Used by git-node and get-metadata to read the email of the PR author in order to check if it matches the email of the commit author.
  • read:org: Used by ncu-team to read the list of team members.

Optionally, if you want to grant write access so git-node can write comments:

  • public_repo (or repo if you intend to work with private repositories).

You can also edit the permission of existing tokens later.

After the token is generated, create an rc file with the following content: (~/.ncurc or $XDG_CONFIG_HOME/ncurc):

{
  "username": "your_github_username",
  "token": "token_that_you_created"
}

Note: you could use ncu-config to configure these variables, but it's not recommended to leave your tokens in your command line history.

Setting up Jenkins credentials

The git-node and ncu-ci commands need to query the Node.js Jenkins API for CI results, so you'll need to configure the Jenkins API token before using these commands.

To obtain the Jenkins API token

  1. Open https://ci.nodejs.org/user/<your-github-username>/configure (replace <your-github-username> with your own GitHub username).

  2. Click on the ADD NEW TOKEN button in the API Token section.

  3. Enter an identifiable name (for example, node-core-utils) for this token in the inbox that appears, and click GENERATE.

  4. Copy the generated token.

  5. Add it into your ncurc file (~/.ncurc or $XDG_CONFIG_HOME/ncurc) with jenkins_token as key, like this:

    {
      "username": "your_github_username",
      "token": "your_github_token",
      "jenkins_token": "your_jenkins_token"
    }
    

Make sure your credentials won't be committed

Put the following entries into your global gitignore file ($XDG_CONFIG_HOME/git/ignore or a file specified by core.excludesFile):

# node-core-utils configuration file
.ncurc
# node-core-utils working directory
.ncu

Mind that .ncu/land could contain your access token since it contains the serialized configurations.

If you ever accidentally commit your access token on GitHub, you can simply revoke that token and use a new one.

Shell autocomplete

To add autocomplete just run git-node completion and follow the instructions. (same for the rest of the tools)

Troubleshooting

If you encounter an error that you cannot fix by yourself, please

  1. Make sure you update NCU to the latest version
  2. Try again with the NCU_VERBOSITY=debug environment variable set and open an issue at https://github.com/nodejs/node-core-utils/issues with detailed logs.

Contributing

See CONTRIBUTING.md.

License

MIT. See LICENSE.

FAQs

Package last updated on 12 Sep 2023

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc