shrinkpack
faker.js
shrinkpack | faker.js | |
---|---|---|
7 | 11 | |
793 | 2 | |
- | - | |
0.0 | 0.0 | |
about 1 year ago | about 1 year ago | |
TypeScript | JavaScript | |
MIT License | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
shrinkpack
-
Local package mirror for fast, safe, reproducible builds using NPM.
It's https://github.com/JamieMason/shrinkpack
- Check-in NPM tarballs to freeze changes and install offline
- Check-in npm tarballs to freeze changes and install offline
- Open source developer corrupts widely-used libraries, affecting tons of projects
- Why you should pin your npm/yarn dependencies
-
Dev corrupts NPM libs 'colors' and 'faker' breaking thousands of apps
Using a lockfile and checking in your dependency tarballs [1] can help insulate you from these problems until you're ready to face them.
I created shrinkpack before left-pad and thankfully it meant that we were unaffected.
A lot of developers, understandably, baulk at checking in dependencies, but there is a concrete benefit in being able to continue uninterrupted during outages.
[1] https://github.com/JamieMason/shrinkpack
-
What NPM Should Do Today to Stop a New Colors Attack Tomorrow
Checking in your dependencies with https://github.com/JamieMason/shrinkpack can help insulate you from these problems until you're ready to face them. I created this before left-pad and thankfully meant that we were unaffected.
A lot of developers, understandably, baulk at checking in dependencies, but there is a concrete benefit in being able to continue uninterrupted during outages.
faker.js
-
[AskJS] looking for suggestions for better ways to serve up fake data for frontend tests
I think Faker is your friend here: https://www.npmjs.com/package/faker
- Faker – What Happened with Aaron Swartz?
-
Ways to reduce execution time on automated tests
✅ Use API / libraries to quickly generate test data - Instead of creating test data via the UI, it is significantly faster via API or libraries. Plug-ins such as faker or running API's can be included in the test scripts before any UI functionality is performed.
-
How to Build a Webex Chatbot in Node.js
We also use the faker package (locked to version 5.5.3, since the latest version no longer works as expected). This library is often used for generating fake test data, but its API includes a set of calls for generating company buzz phrases. That’s what Buzz will use to generate the phrases we’re looking for.
-
What NPM Should Do Today to Stop a New Colors Attack Tomorrow
They supposedly took over the npm packages[0,1], not the github.com repos. npm is a system where you push archives as package versions, it doesn't do its own pull from a github repo or otherwise.
0: https://www.npmjs.com/package/colors
1: https://www.npmjs.com/package/faker
- Open source maintainer pulls the plug on NPM packages colors and faker, now what
-
Faker.js corpo takeover
This week, if you tried to install Faker.js (a very popular library for creating mocks) you've noticed version was set on "6.6.6" and all code was gone with the text "What really happened with Aaron Swartz?".
-
The EndGame - Fakerjs
About Four (4) Days Ago, the Author of Fakerjs a popular JavaScript library with more than 2 million weekly Download from NPM Deleted the repository and replaced it with one that only has the modified ReadMe "What really happened with Aaron Swartz?" and no content, and pushed an empty package to npm as the latest version (6.6.6).
-
Faker package replaced with v6.6.6, dev calls out Aaron Swartz conspiracy
https://www.npmjs.com/package/faker
- What happened with Aaron Swartz? Asked by popular NPM package
What are some alternatives?
presetter - 🛹 Reuse and manage build scripts, devDependencies and config files from your favourite presets, instead of copy and paste!
colors.js - get colors in your node.js console
slnpm - A simple and fast node.js package manager using symbolic link
npm-deprecated-check - 🐦 Check for deprecated packages
isolate-package - Isolate a monorepo package with its internal dependencies to form a self-contained directory with a pruned lockfile
yalc - Work with yarn/npm packages locally like a boss.
hugo-installer - Installs hugo into your repository.
rushstack - Monorepo for tools developed by the Rush Stack community
nix-installer-action - The Github Action for the Determinate Nix Installer
web - Grow Open Source
cache - Cache dependencies and build outputs in GitHub Actions