Security News
Weekly Downloads Now Available in npm Package Search Results
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
truffle-box
Advanced tools
Truffle Box management functionality.
Handles behavior for unboxing a new project from a predefined Truffle Box.
const TruffleBox = require("truffle-box");
// `truffle-box` prompts when unboxing into non-empty directories & before potential overwrites
// a `force` option can be passed to force unboxing. default is false
const unboxOptions = { force: false };
// .unbox() validates & unboxes truffle box repos
// pass the current working directory as directory to unbox into
TruffleBox.unbox("https://github.com/trufflesuite/truffle-init-default", process.cwd(), unboxOptions);
// or specify relative path to unbox into (path must already exist)
TruffleBox.unbox("https://github.com/trufflesuite/truffle-init-default", "some/relativePath", unboxOptions);
Truffle Boxes are configured via a required truffle-box.json
file in the
box repo's root directory.
This box configuration file specifies an object containing the following properties:
ignore
A list of relative paths to files that should be removed upon box unpack. Useful to remove box READMEs or other artifacts that pertain to box but not the set-up Truffle project.
Example:
"ignore": [
"README.md",
".gitignore"
]
commands
An object mapping supported behaviors for project to invoked command strings.
truffle unbox
prints commands to screen upon unboxing for documentation
purposes.
Example:
"commands": {
"compile": "truffle compile",
"migrate": "truffle migrate",
"test": "truffle test"
}
hooks
An object to specify commands to run at particular steps in the unbox process. Maps strings identifying individual hooks to command strings.
Example:
"hooks": {
"post-unpack": "npm install"
}
post-unpack
If provided, runs command after box files are fetched and cleaned up for a new project.
Commonly useful to install dependencies, e.g.
FAQs
Truffle project boilerplate utility
The npm package truffle-box receives a total of 7 weekly downloads. As such, truffle-box popularity was classified as not popular.
We found that truffle-box demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 8 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
Security News
A Stanford study reveals 9.5% of engineers contribute almost nothing, costing tech $90B annually, with remote work fueling the rise of "ghost engineers."
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.