Security News
New Python Packaging Proposal Aims to Solve Phantom Dependency Problem with SBOMs
PEP 770 proposes adding SBOM support to Python packages to improve transparency and catch hidden non-Python dependencies that security tools often miss.
Package Builder for the .gl
-libraries of Scape Agency and its affiliates.
Pack.gl is a highly customizable and efficient package builder designed to streamline software development workflows. It provides a modular framework for managing build pipelines with support for live reload functionality.
pack.gl
is a package builder designed to enhance the efficiency and organization of software development projects. Key to its design philosophy is the adaptability to various development workflows, making it an ideal companion for a range of projects from small-scale personal endeavors to large, complex enterprise applications. pack.gl
stands not just as a tool but as a partner in the software development journey, enhancing productivity, reducing overhead, and bringing clarity and ease to the package management process.
To install pack.gl
, use npm or yarn:
npm install pack.gl --save-dev
yarn add pack.gl --dev
Clone the Repository:
git clone <https://github.com/stylescape/pack.gl.git>
cd pack.gl
Install Dependencies:
npm install
Build the Project:
npm run build
Link the CLI Globally:
npm link
Run the pipeline defined in your pack.yaml file:
pack
Run the pipeline with live reload enabled:
pack --live
The pipeline configuration is defined in a pack.yaml file located in the root of your project. Here’s an example:
stages:
- name: build
steps:
- name: compile
action: build
options:
source: src/
output: dist/
- name: test
dependsOn: [build]
steps:
- name: run-tests
action: test
Stage and Step Structure
Compile the TypeScript files into JavaScript:
npm run build-tsc
Run ESLint to check for code issues:
npm run lint
Run all tests in the src/tests directory:
npm run test
To enable live reload during development, add the --live flag:
pack --live
pack.gl/
├── src/
│ ├── core/ # Core pipeline logic
│ ├── live/ # Live reload server and related components
│ ├── actions/ # Built-in step actions (e.g., build, test)
│ ├── tests/ # Unit tests
│ └── pack.ts # Entry point for the CLI
├── dist/ # Compiled JavaScript output
├── pack.yaml # Example configuration file
├── package.json # Project metadata and dependencies
├── tsconfig.json # TypeScript configuration
└── README.md # Project documentation
The Pipeline class manages the execution of stages and steps defined in the pack.yaml file.
The LiveReloadServer provides live reload functionality by watching files for changes and notifying connected clients.
The ConfigLoader reads and validates the pipeline configuration from the pack.yaml file.
Pack.gl supports plugin-based actions. Default actions include:
Custom actions can be implemented and registered as plugins.
pack.gl is an open-source project by Scape Agency.
Scape Agency is a spatial innovation collective that dreams, discovers and designs the everyday of tomorrow. We blend design thinking with emerging technologies to create a brighter perspective for people and planet. Our products and services naturalise technology in liveable and sustainable –scapes that spark the imagination and inspire future generations.
We'd love for you to contribute and to make this project even better than it is today! Please refer to the contribution guidelines for information.
Contributions are welcome! Follow these steps to contribute:
Copyright © 2024 Scape Agency BV. All Rights Reserved.
Except as otherwise noted, the code in this repository is licensed under the MIT License. Also see LICENSE. The documentation is licensed under the Creative Commons Attribution 4.0 International (CC BY 4.0) License.
THIS SOFTWARE IS PROVIDED AS IS WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING ANY IMPLIED WARRANTIES OF FITNESS FOR A PARTICULAR PURPOSE, MERCHANTABILITY, OR NON-INFRINGEMENT.
Made with ❤️ by Scape Agency
FAQs
Package Builder.
The npm package pack.gl receives a total of 27 weekly downloads. As such, pack.gl popularity was classified as not popular.
We found that pack.gl demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
PEP 770 proposes adding SBOM support to Python packages to improve transparency and catch hidden non-Python dependencies that security tools often miss.
Security News
Socket CEO Feross Aboukhadijeh discusses open source security challenges, including zero-day attacks and supply chain risks, on the Cyber Security Council podcast.
Security News
Research
Socket researchers uncover how threat actors weaponize Out-of-Band Application Security Testing (OAST) techniques across the npm, PyPI, and RubyGems ecosystems to exfiltrate sensitive data.