Security News
Crates.io Implements Trusted Publishing Support
Crates.io adds Trusted Publishing support, enabling secure GitHub Actions-based crate releases without long-lived API tokens.
By Sarah Gooding - Jul 16, 2025
You're Invited:Meet the Socket Team at BlackHat and DEF CON in Las Vegas, Aug 4-6.RSVP →
- Maintainers
- 1
BuildMe 🛠️
Another build system. A simple command runner thats it.
What is BuildMe 🤔️
Well this pretty much sums it up.
Why???
IDK. I saw this comic and decided that I want a build system of my own.
And,
- Makefile's are shit.
- Cmake is complicated
- Meson requires two dependencies (Meson and Ninja)
- Bazel, corporate BS
It does come with some feature.
- It is just command runner (Does not give an f about the file or it's mod time)
- v0.3.0 onwards, buildme does give an f about the file and it's mod times (times have changed)
- It's just python. Anything that works on python works on buildme script.
- you want a build script that has access to
pandas, well you can now have it.
- you want a build script that has access to
Docs 🧾️
- Install buildme
pip3 install git+https://github.com/Adwaith-Rajesh/buildme.git
OR
pip3 install buildme
- Create a
buildmescriptThe shebang is IMPORTANT (This thingy -> #!/bin/env buildme)
#!/bin/env buildme
from buildme import CommandRunner, target
cr = CommandRunner()
@target()
def foo(_, __):
print('This is the foo target')
@target()
def bar(_, __):
cr.run('echo this is from bar target')
@target(depends=['foo', 'bar'])
def all(_, __): pass
- Make it executable
$ ./buildme foo
This is the foo target
$ ./buildme bar
================================================================================
[CMD]: echo this is from bar target
this is from bar target
================================================================================
$ ./buildme all
This is the foo target
================================================================================
[CMD]: echo this is from bar target
this is from bar target
================================================================================
More docs can be found here: Docs
- Buildme
- Target
- CommandRunner
- Receiving Command line args
- Getting info about the target itself
- Dynamic 'creates'
- Combining Ideas
- Helper functions
Bye....
FAQs
Yep, Its another build system
We found that buildme demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
/Security News
Tracking Protestware Spread: 28 npm Packages Affected by Payload Targeting Russian-Language Users
Undocumented protestware found in 28 npm packages disrupts UI for Russian-language users visiting Russian and Belarusian domains.
By Olivia Brown - Jul 15, 2025
Research
/Security News
Contagious Interview Campaign Escalates With 67 Malicious npm Packages and New Malware Loader
North Korean threat actors deploy 67 malicious npm packages using the newly discovered XORIndex malware loader.
By Kirill Boychenko - Jul 14, 2025