Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
preval-build-info
Advanced tools
Readme
Pre-evaluate git info, version number, timestamp, etc at build time.
Useful if you need build information in your application but you use a predefined build system (and
don't want to eject) like Angular CLI, for example. Other common solutions require adding a file
to your repository and committing it. That's not ideal because these values change so frequently
(every commit). preval-build-info
works by reading information from your repository, but storing
the build information within the node_modules folder.
npm install preval-build-info --save
When you import preval-build-info
, it contains the information for your repository. The version
is pulled from your project's package.json and all the Git information is from your repo.
import * as info from 'preval-build-info';
console.log(info.version);
// => '1.0.0'
console.log(info.timestamp);
// => '1614300015989'
console.log(info.dateTime);
// => '2021-02-26T00:40:15.989Z'
console.log(info.gitHash);
// => 'c8b316d820b7c9cb3b99e8739c2212d34c892815'
console.log(info.gitHashShort);
// => 'c8b316d'
console.log(info.gitTag);
// => 'v1.0.0'
console.log(info.gitBranch);
// => 'master'
Build information is generated on postinstall
. If you also need to update build info manually, you
can use preval-build-info-cli
in your project's scripts. For example:
"scripts": {
"prebuild": "preval-build-info-cli",
}
npm install
npm run build
FAQs
Pre-evaluate git info, version number, timestamp, etc at build time
The npm package preval-build-info receives a total of 719 weekly downloads. As such, preval-build-info popularity was classified as not popular.
We found that preval-build-info demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.