Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
respec-issues
Advanced tools
A utility to turn ReSpec issues into GitHub issues and link these together via the data-number attribute.
ReSpec-Issues is a small utility to turn ReSpec issues into GitHub issues and link these together via the data-number attribute. It also allows to easily update them by regularly running the script.
This script simply iterates through all the issues it finds in the the spec and creates or updates them on GitHub. It then adds the data-number attribute that references the GitHub issue directly back into the file. You can then simply push those changes back to the GH repository and you're done.
You'll need to generate a GH token for this script to work and pass it to the script as an env variable or through the command line args.
Install as a global npm package:
$ npm install -g respec-issues
First, set the issueBase
property of the respecConfig
object to:
http://github.com/:owner/:repo/issues
Just run the following from the CLI.
$ respec-issues ./path/to/spec/file [your-github-token]
Note that you can also pass the GitHub token as the GITHUB_TOKEN
env variable.
Commit the changes in the spec to the repo.
To update the GH issues with changes in the spec, just run the script again. It will update issues that have been modified, skip those that haven't changed and add new ones.
When you remove the issue from the spec, remember to add say so in the commit
message (e.g. "... closes #32."
) as GitHub will pick it that up and close
the issue for you.
FAQs
A utility to turn ReSpec issues into GitHub issues and link these together via the data-number attribute.
The npm package respec-issues receives a total of 0 weekly downloads. As such, respec-issues popularity was classified as not popular.
We found that respec-issues demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.