Security News
crates.io Ships Security Tab and Tightens Publishing Controls
crates.io adds a Security tab backed by RustSec advisories and narrows trusted publishing paths to reduce common CI publishing risks.
By Sarah Gooding - Jan 27, 2026
🚀 Launch Week Day 5:Introducing Immutable Scans.Learn More →
tdp-public-sdk
Advanced tools
Package was removed
Sorry, it seems this package was removed from the registry
tdp-public-sdk
> 该项目为 TDP 部门前端 SDK 管理和开发仓库,采用 pnpm(参考:https://www.pnpm.cn/) 搭建 monorepo(参考:https://zhuanlan.zhihu.com/p/513171061) 工程管理模块,它不再分多个 git 仓库,而是在一个 git 仓库里面管理多个项目,每个项目有自己的 package.json 文件,有自己的 node_modules 目录。开发阶段使用 Esbuild(参考:https://esbuild.github.io/) 打包应用,
TDP Public SDk
项目介绍
该项目为 TDP 部门前端 SDK 管理和开发仓库,采用 pnpm(参考:https://www.pnpm.cn/) 搭建 monorepo(参考:https://zhuanlan.zhihu.com/p/513171061) 工程管理模块,它不再分多个 git 仓库,而是在一个 git 仓库里面管理多个项目,每个项目有自己的 package.json 文件,有自己的 node_modules 目录。开发阶段使用 Esbuild(参考:https://esbuild.github.io/) 打包应用,保证开发响应速度,生产阶段使用 Rollup(参考:https://www.rollupjs.com/) 打包应用,生成多种文件格式,满足不同平台使用。
安装使用
- 获取项目代码
git clone https://gitlab.xpaas.lenovo.com/tdp/data-modeler/tdp-web-platform/tdp-public-sdk.git
- 安装依赖
该项目使用 pnpm 软件包管理器(请先安装 pnpm)
npm install -g pnpm
如果是根目录,会安装根目录依赖和所有 packages 依赖
cd tdp-public-sdk
pnpm install
- 单独向根目录安装依赖,所有项目公用依赖(workspace)
pnpm add xxx -w
- 内部依赖安装
指定命令空间 @test/lib,指定为 @test/app 添加依赖
$ pnpm i @test/lib --filter @test/app
- 特定 package 增加外部依赖
--filter为制定 package 添加依赖
pnpm add lodash --filter @test/lib
- 开发
开发环境使用 esbuild 打包
pnpm dev
- dev 单独打包 packages 内的项目
"dev": "node scripts/dev.js 具体打包项目名称 -f esm",
- 生产打包
将 packages 所有项目打包
pnpm build
- build 单独打包 packages 内的项目
请见 scripts/build.js 注释内容
Git Hooks
git hooks 工具 husky,规范提交格式。(详情请查看 commitlint.config.js) git commit 阶段会经过多种 lint 检查,pretty 代码格式化检查,注意你提交的代码是否符合 lint 规则。(详情请查看 package.json)
packages 各模块 package.json
针对 rollup 打包
"buildOptions": {
"name": "TDPWebMonitorSDK",
"formats": [
"esm-browser",
"esm-bundler",
"cjs",
"global"
],
"sourcemap": false,
"env": "development"
}
参数说明
| 名称 | 作用 |
|---|---|
| name | 打包后对外暴露方法 |
| formats | 支持打包的文件格式 |
| sourcemap | 支持 sourcemap |
| env | 环境 |
FAQs
> 该项目为 TDP 部门前端 SDK 管理和开发仓库,采用 pnpm(参考:https://www.pnpm.cn/) 搭建 monorepo(参考:https://zhuanlan.zhihu.com/p/513171061) 工程管理模块,它不再分多个 git 仓库,而是在一个 git 仓库里面管理多个项目,每个项目有自己的 package.json 文件,有自己的 node_modules 目录。开发阶段使用 Esbuild(参考:https://esbuild.github.io/) 打包应用,
The npm package tdp-public-sdk receives a total of 0 weekly downloads. As such, tdp-public-sdk popularity was classified as not popular.
We found that tdp-public-sdk demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 05 Dec 2022
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
/Security News
Malicious Chrome Extension Performs Hidden Affiliate Hijacking
A Chrome extension claiming to hide Amazon ads was found secretly hijacking affiliate links, replacing creators’ tags with its own without user consent.
By Kush Pandya - Jan 27, 2026
Security News
curl Shuts Down Bug Bounty Program After Flood of AI Slop Reports
A surge of AI-generated vulnerability reports has pushed open source maintainers to rethink bug bounties and tighten security disclosure processes.
By Sarah Gooding - Jan 23, 2026