Sidekick - your code, made perfect.
We need git to be installed on your machine.
npm i sidekick -g
Sidekick does not ship with any analysers, so you will need to install them. Its really easy to do:
sidekick analysers --install
You can check that your system is configured correctly:
sidekick config
If git is not available on your path, then you will need to tell us where it has been installed to:
sidekick config --git=/some/path/to/git
###You can run Sidekick on your CI server:
sidekick run --ci
This will install all the analysers that are needed, run them against your code and optionally fail the build.
sidekick run --travis
Will analyse just the changes that prompted the travis build. This is great for analysing Pull Requests with just 2 lines of config!
###You can run Sidekick against code on your machine:
cd your/repo
sidekick run
or
sidekick run path/to/your/repo
This will evaluate the working copy of the repo's code on your machine.
You can use --compare and --versus cli arguments to compare your working copy with other local or remote branches.
###You can configure how sidekick analyses your files
By default, we look at the contents of your repo and run analysers that we think will be useful, e.g. if we find
JavaScript files, we will run a JavaScript TODO/FIXME finder, if we find a package.json file, we will run our
david-dm analyser on your dependencies..
You can add a .sidekickrc file to your repo to tell us what analysers you would like to run, and which ones can
fail the build. To create a default .sidekickrc file:
sidekick init
Sidekick also has a git pre-push hook and a GUI that helps you fix your issues before they are pushed to a remote repo.
This GUI is in beta at the moment. Please go to our web site to sign up for the beta.
If you want to get support then we have a chat room. If you want to raise issues then you can do so here.
Thanks for trying Sidekick.
FAQs
Your code, made perfect.
We found that sidekick demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.
Security News
PyPI now supports digital attestations, enhancing security and trust by allowing package maintainers to verify the authenticity of Python packages.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.