
Research
Security News
Lazarus Strikes npm Again with New Wave of Malicious Packages
The Socket Research Team has discovered six new malicious npm packages linked to North Korea’s Lazarus Group, designed to steal credentials and deploy backdoors.
A git subcommand to query and validate CODEOWNERS.
List owners of files based on the CODEOWNERS file of the current repository.
> git codeowners src/main.rs
src/main.rs @weyland
> git codeowners `git ls-files`
.gitignore (unowned)
Cargo.lock @weyland
Cargo.toml @weyland
LICENSE (unowned)
README.md @weyland
src/main.rs @weyland
# Oops, did the last commit add unowned files?
> git diff --name-only --diff-filter=A | git codeowners
.gitignore @bob
LICENSE (unowned)
# I need stats about my repo
> echo `git ls-files | git codeowners | grep "(unowned)"| wc -l` out of `git ls-files | git codeowners | wc -l` files in this repository do not have a corresponding CODEOWNERS entry
2 out of 6 files in this repository do not have a CODEOWNERS entry
via pip: pip install git-codeowners
via Cargo: cargo install git-owners
Note: The Cargo crate installs an equivalent git-owners
command in addition to git-codeowners
, for backwards compatibility.
Show owner of a file
git codeowners some/path
Show owners for a list of files
git codeowners some/path some/other/path
Each path should be relative to the git repository root. This makes it easy to combine with other git commands:
Show owners for every tracked file in the repository
git ls-files | git codeowners
Show owners for files modified in last five commits
git diff --name-only HEAD~5 HEAD | git codeowners
Congratulate the user if the current changeset does not add files without owner
git diff --diff-filter=ACR --name-only | git codeowners && echo "Great job! No unowned files added!"
Get an overview of your CODEOWNERS coverage
echo `git ls-files | git codeowners | grep "(unowned)"| wc -l` out of `git ls-files | git codeowners | wc -l` files in this repository do not have a CODEOWNERS entry
CODEOWNERS
, docs/CODEOWNERS
, or .github/CODEOWNERS
)If you have any questions or problems, feel free to communicate using Github Issues.
FAQs
A git subcommand to query and validate CODEOWNERS
We found that git-codeowners demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
The Socket Research Team has discovered six new malicious npm packages linked to North Korea’s Lazarus Group, designed to steal credentials and deploy backdoors.
Security News
Socket CEO Feross Aboukhadijeh discusses the open web, open source security, and how Socket tackles software supply chain attacks on The Pair Program podcast.
Security News
Opengrep continues building momentum with the alpha release of its Playground tool, demonstrating the project's rapid evolution just two months after its initial launch.