Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
By Socket Research Team - Dec 02, 2024
Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
nq-jslib-base
Advanced tools
nq-jslib-base
简体中文 | English
最好用的 JS 第三方库脚手架,fork 或 clone 本仓库,即可搭建完成一个新库的基础框架
:star: 特性
- 支持ES6+编写源码,编译生成生产代码
- 集成 babel-runtime (默认关闭)
- 第三方依赖自动注入(自动剔除第三方依赖无用代码tree shaking)
- 多环境支持(支持浏览器原生,支持AMD,CMD,支持Webpack,Rollup,fis等,支持Node)
- 集成代码风格校验(eslint)
- 集成单元测试环境(mocha)
- 集成测试覆盖率(istanbul)
- 集成可持续构建工具travis-ci
- 支持自定义banner
- 支持一键重命名
- 集成ISSUE_TEMPLATE
注意: 如果不同时使用
export与export default可打开legacy模式,legacy模式下的模块系统可以兼容ie6-8,见rollup配置文件
:pill: 兼容性
单元测试保证支持如下环境:
| IE | CH | FF | SF | OP | IOS | Android | Node |
|---|---|---|---|---|---|---|---|
| 8+ | 29+ | 55+ | 9+ | 50+ | 9+ | 4+ | 8+ |
注意:编译代码依赖ES5环境,对于ie8需要引入es5-shim才可以兼容,可以查看demo/demo-global.html中的例子
:open_file_folder: 目录介绍
.
├── demo 使用demo
├── dist 编译产出代码
├── doc 项目文档
├── src 源代码目录
├── test 单元测试
├── CHANGELOG.md 变更日志
└── TODO.md 计划功能
:rocket: 使用者指南
可查看 demo目录 范例
通过npm下载安装代码
$ npm install --save nq-jslib-base
如果你是node环境
const nqJslibBase = require('nq-jslib-base');
如果你是webpack等环境
import nqJslibBase from 'nq-jslib-base';
如果你是requirejs环境
如果你是浏览器环境
<script src="node_modules/nq-jslib-base/dist/nq-jslib-base.min.js"></script>
:bookmark_tabs: 文档
:kissing_heart: 贡献者指南
首次运行需要先安装依赖
$ npm install
一键打包生成生产代码
$ npm run build
运行单元测试:
$ npm test
注意:浏览器环境需要手动测试,位于
test/browser
修改 package.json 中的版本号,修改 README.md 中的版本号,修改 CHANGELOG.md,然后发布新版
$ npm run release
将新版本发布到npm
$ npm publish
重命名项目名称,首次初始化项目是需要修改名字,或者后面项目要改名时使用,需要修改rename.js中的fromName和toName,然后运行 npm run rename,这条命令会自动重命名下面文件中的名字
- README.md 中的信息
- package.json 中的信息
- config/rollup.js 中的信息
- test/browser/index.html 中的仓库名称
- demo/demo-global.html 中的仓库名称
贡献者列表
:gear: 更新日志
:airplane: 计划列表
:bulb: 谁在使用
鸣谢
捐赠
如果你觉得它有用,你可以给我买一杯奶茶。
FAQs
A modern Javascript library scaffolding
The npm package nq-jslib-base receives a total of 0 weekly downloads. As such, nq-jslib-base popularity was classified as not popular.
We found that nq-jslib-base demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 06 Oct 2019
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Research
Typosquatting Cryptographic Libraries: Malicious npm Packages Threaten Crypto Developers with Keylogging and Wallet Theft
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
By Kirill Boychenko - Nov 27, 2024
Security News
Weekly Downloads Now Available in npm Package Search Results
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
By Sarah Gooding - Nov 26, 2024