Security News
ESLint is Now Language-Agnostic: Linting JSON, Markdown, and Beyond
ESLint has added JSON and Markdown linting support with new officially-supported plugins, expanding its versatility beyond JavaScript.
safe-publish-latest
Advanced tools
Ensure that when you `npm publish`, the "latest" tag is only set for the truly latest version.
Ensure that when you npm publish
, the "latest" tag is only set for the truly latest version.
Add "safe-publish-latest" to your package.json
's "prepublish" script, and install in-publish
.
It will only activate during an actual npm publish
- it will silently do nothing during installs, and will error when run directly.
Example package.json
excerpt with no other prepublish commands:
{
"scripts": {
"prepublishOnly": "safe-publish-latest",
"prepublish": "not-in-publish || npm run prepublishOnly"
}
}
Example package.json
excerpt with another prepublish command:
{
"scripts": {
"prepublishOnly": "safe-publish-latest && npm run build",
"prepublish": "not-in-publish || npm run prepublishOnly"
}
}
Simply clone the repo, npm install
, and run npm test
v2.0.0 - 2021-10-13
getLatestError
: refactor to use Promises f44edd4
3a8d144
auto-changelog
08cf254
48455b3
exports
222b068
getLatestError
: remove unused options
param a3f5337
72dfebb
yargs
, in-publish
, semver
prepublishOnly
, for npm 7+node/install
instead of node/run
; use codecov
actionpull_request_target
eventeslint
, @ljharb/eslint-config
, tape
; add aud
nyc
on all testshosted-git-info
to ~2.7
due to breaking change in 2.8"semver
funding
fieldeslint
, @ljharb/eslint-config
hosted-git-info
to ~2.7
due to breaking change in 2.8eslint
, @ljharb/eslint-config
, tape
semver
semver
eslint
, @ljharb/eslint-config
, tape
eclint
instead of editorconfig-tools
npx aud
instead of nsp
or npm audit
with hoopsnode
v12.8
, v11.15
, v10.16
, v6.17
semver
, yargs
eslint
, @ljharb/eslint-config
, nsp
, tape
node
v10.8
, v9.11
, v8.11
, v6.14
, v4.9
; use nvm install-latest-npm
editorconfig-tools
allVersions
is an array, when there’s only oneyargs
eslint
, nsp
, tape
node
v6.6
, v4.5
; improve test matrixnpm info
—force-in-publish
to skip the “in publish” checksemver
, yargs
eslint
, @ljharb/eslint-config
, nsp
npm info $pkg versions -—json
rather than nom-package-versions
(#1)semver
eslint
, @ljharb/eslint-config
, nsp
FAQs
Ensure that when you `npm publish`, the "latest" tag is only set for the truly latest version.
The npm package safe-publish-latest receives a total of 23,226 weekly downloads. As such, safe-publish-latest popularity was classified as popular.
We found that safe-publish-latest demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
ESLint has added JSON and Markdown linting support with new officially-supported plugins, expanding its versatility beyond JavaScript.
Security News
Members Hub is conducting large-scale campaigns to artificially boost Discord server metrics, undermining community trust and platform integrity.
Security News
NIST has failed to meet its self-imposed deadline of clearing the NVD's backlog by the end of the fiscal year. Meanwhile, CVE's awaiting analysis have increased by 33% since June.