rfcs
patch-package
rfcs | patch-package | |
---|---|---|
35 | 65 | |
718 | 9,975 | |
0.6% | - | |
5.7 | 6.3 | |
11 days ago | 15 days ago | |
JavaScript | TypeScript | |
GNU General Public License v3.0 or later | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
rfcs
-
Yarn 4.0
npm workspaces plus Wireit works far better than Lerna, in my experience.
https://github.com/google/wireit
Wireit's ability to specify actual script dependencies, do caching (and on Github actions), and it's long-running service script support make it much more useful and comprehensive than Lerna.
I agree that this should be built into npm. There's an RRFC for it here: https://github.com/npm/rfcs/issues/706
-
NPM vs Yarn?
It's coming https://github.com/npm/rfcs/blob/main/accepted/0042-isolated-mode.md
-
How do you know that the .exe or .apk file for an open source software on github is actually compiled from the viewable source code?
This just got accepted as a proposal in NPM: https://github.com/npm/rfcs/pull/626
-
Why aren't Node.js package managers interoperable?
npm also plans to support pnpm-style node_modules
-
Axios shipped a buggy version and it broke many productions apps. Let this be a lesson to pin your dependencies!
(I usually end up removing npm ci from CI/CD since I think it is way too slow and want to cache node_modules from previous builds; I'm waiting for https://github.com/npm/rfcs/issues/415 to land to make this fail-safe npm install --from-lockfile. Yarn does support this already)
- How to run multiple NPM commands simultaneously using concurrently
- [RRFC] Parallel script execution when value is set to an array of text. · Issue #610 · npm/rfcs
- Lerna has gone. Which Monorepo is right for a Node.js BACKEND now?
- NPM introduces a new Dependency Selector Syntax
-
How to respond to growing supply chain security risks?
I started following this problem from the discussion at npm about making install scripts opt-in. But install scripts are not the only threat, there are more ways for malicious actors:
patch-package
-
Finding Stars and Affirmations in the Sky with Three.js for Ayra Starr
In order to allow users to use their device as a controller to adjust the position of the camera and find stars, I use the depreciated DeviceOrientationControls by patching it back into Three. In order for DeviceOrientationControls to function, we need access the user to grant access to their device's orientation. I attempt to gain access to this, alongside their camera, during a previous step of the UX using a custom composable I wrote for this purpose. You can see that permission step in the mockup video above. Once this permission is granted, we can initialize our DeviceOrienationControls with a single line.
-
TypeScript NPM Packages Done Right
If you use Yarn, there’s the `yarn patch` command [1], which lets you maintain patches for your dependencies. Even though I try to upstream patches wherever possible, sometimes you just want to apply a quick patch and move on, especially if the dependency is poorly maintained or even worse, deeply nested in your dependency hierarchy. I use `yarn patch` regularly, it’s one of the main reasons why I moved to Yarn in the first place.
If you’re not using Yarn, there seems to be a similar thing on npm, `patch-package`. [2] I never had to use that though.
[1]: https://yarnpkg.com/cli/patch
[2]: https://www.npmjs.com/package/patch-package
- Fix broken node modules instantly
-
How to ignore an error , that happens in a node modules library ?
You can use patch-package to edit the part of the library.
- Jest not recommended to be used in Node.js due to instanceOf operator issues
-
Getting kinda stuck with a build error, any help much appreciated
patch-package
-
Credentials Leak with Knex
NPM doesn't have a patch command, but you can use patch-package to achieve the same result.
-
Why react native is so shit
If there's issue ticket discussing it and someone can fix it, ask for patch file and use patch-package to patch it
- Eas local build, how skip npm install
-
Invariant Violation: ViewPropTypes has been removed from React Native. Migrate to ViewPropTypes exported from 'deprecated-react-native-prop-types'.
You can try this (I highly recommend you to use the Patch Package library to track changes on any external library that you are using. (https://www.npmjs.com/package/patch-package)
What are some alternatives?
vm2 - Advanced vm/sandbox for Node.js
husky - Git hooks made easy 🐶 woof!
pnpm - Fast, disk space efficient package manager
node-pre-gyp - Node.js tool for easy binary deployment of C++ addons
corepack - Zero-runtime-dependency package acting as bridge between Node projects and their package managers
vite - Next generation frontend tooling. It's fast!
Cargo - The Rust package manager
vercel - Develop. Preview. Ship.
GHSA-g2q5-5433-rhrf
Faker.js - What really happened with Aaron Swartz?
feedback - Public feedback discussions for npm
basic-ftp - FTP client for Node.js, supports FTPS over TLS, passive mode over IPv6, async/await, and Typescript.