shrinkpack
web
shrinkpack | web | |
---|---|---|
7 | 157 | |
793 | 1,767 | |
- | 0.3% | |
0.0 | 6.4 | |
about 1 year ago | 9 months ago | |
TypeScript | JavaScript | |
MIT License | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
shrinkpack
-
Local package mirror for fast, safe, reproducible builds using NPM.
It's https://github.com/JamieMason/shrinkpack
- Check-in NPM tarballs to freeze changes and install offline
- Check-in npm tarballs to freeze changes and install offline
- Open source developer corrupts widely-used libraries, affecting tons of projects
- Why you should pin your npm/yarn dependencies
-
Dev corrupts NPM libs 'colors' and 'faker' breaking thousands of apps
Using a lockfile and checking in your dependency tarballs [1] can help insulate you from these problems until you're ready to face them.
I created shrinkpack before left-pad and thankfully it meant that we were unaffected.
A lot of developers, understandably, baulk at checking in dependencies, but there is a concrete benefit in being able to continue uninterrupted during outages.
[1] https://github.com/JamieMason/shrinkpack
-
What NPM Should Do Today to Stop a New Colors Attack Tomorrow
Checking in your dependencies with https://github.com/JamieMason/shrinkpack can help insulate you from these problems until you're ready to face them. I created this before left-pad and thankfully meant that we were unaffected.
A lot of developers, understandably, baulk at checking in dependencies, but there is a concrete benefit in being able to continue uninterrupted during outages.
web
-
Octant is donating 1M in ETH to 10 public goods projects, and you can help decide how to allocate.
Here's the list of projects you can support: Clr.fund - https://clr.fund/ DAO Drops - https://daodrops.io/ Drips - https://www.drips.network/ Ethereum Cat Herders - https://www.ethereumcatherders.com ETHStaker - https://ethstaker.cc Giveth - https://giveth.io/ Gitcoin - https://gitcoin.co Kernel - https://www.kernel.community/en/ Protocol Guild - https://protocol-guild.readthedocs.io Supermodular - https://supermodular.xyz/
-
Daily General Discussion - April 12, 2023
The Gitcoin website has some of the worst information architecture, I have no idea what their team is doing. I can't imagine how many people visited gitcoin.co to donate and couldn't figure out how.
- Thoughts on building an ETH dominated portolio?
-
Best Websites For Coders
GitCoin : Gitcoin is the easiest way to monetize or incentivize work in Open Source Software.
-
Do you as a socialist consider blockchain tech as a path towards a worker-owned means of production? It’s the primary goal of many crypto projects.
Also, check out Gitcoin: https://gitcoin.co/ (which coincidentally does have a token) but has funneled over $65m directly to open source software developers. They’ve also recently formed a foundation that is governed by the token holders.
-
How can i work online for crypto?
Check out https://gitcoin.co/!
-
The Importance of Cryptocurrency to Web 3 and the Future of Decentralization
If you want to get involved then I suggest going to https://gitcoin.co/
-
Reminder for people interested in Bisq to get involved in discussing proposals on GitHub
There's other projects that have tried implementing something similar though.
-
Nano bounty program
Check out https://gitcoin.co. They provide a platform for web3 projects to provide bounties to people creating for projects.
-
Making money with ethdev projects?
gitcoin.co has bounties and hackathons with prizes.
What are some alternatives?
presetter - 🛹 Reuse and manage build scripts, devDependencies and config files from your favourite presets, instead of copy and paste!
opensea-js - TypeScript SDK for the OpenSea marketplace
slnpm - A simple and fast node.js package manager using symbolic link
rotki - A portfolio tracking, analytics, accounting and management application that protects your privacy
npm-deprecated-check - 🐦 Check for deprecated packages
openzeppelin-contracts - OpenZeppelin Contracts is a library for secure smart contract development.
isolate-package - Isolate a monorepo package with its internal dependencies to form a self-contained directory with a pruned lockfile
hevm - Dapp, Seth, Hevm, and more
yalc - Work with yarn/npm packages locally like a boss.
Gravitational Teleport - The easiest, and most secure way to access and protect all of your infrastructure.
hugo-installer - Installs hugo into your repository.
quadratic-funding - This is an open source implementation of quadratic funding, a design for philanthropic and publicly-funded seeding, which allows for optimal provisioning of funds to an ecosystem of public goods.