npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

travis-github-status

v1.6.3

Published

Set statuses on github from travis for: jest, flow, eslint, snyk, codeclimate

Downloads

583

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

faceyspaceyfaceyspaceyzackljacksonzackljackson

Keywords

travisgithubjesteslintflowcodeclimatesnykcistatus

Readme

travis-github-status

This package tacks on additional status "checks" with meaningful messages to your builds as displayed on Github (in PRs, commits, etc). That way developers can see all that went wrong (or right) with the build without leaving Github.

github status checks

Use this as your primary means of running tests, linting and flow type checking. You will can list the services you want in your .travis.yml file as shown below.

Supported Tools:

  • jest
  • eslint
  • flow
  • snyk (vulernabilities reporting)
  • codeclimate (test coverage)

note: all tools will get a chance to run even if an earlier one fails--that way you have as much information as available within github.

Installation

yarn add --dev travis-github-status

  • 1 ) To allow 3rd party PRs to post post status checks to github, we have created a runkit endpoint you have to clone: https://runkit.com/faceyspacey/github-status-reporter-4-travis

  • 2 ) Clone it, and connect with Github on the "environment variables" page: https://runkit.com/settings/environment

  • 3 ) Then publish your runkit endpoint, and copy/paste its URL to your Travis repo's RUN_KIT_URL environment variable.

Usage

Simply pass as args the names of checks to run (do not trigger your npm test script another way):

language: node_js

node_js:
  - stable

cache: yarn

script:
  - node_modules/.bin/travis-github-status lint flow jest snyk codeclimate #omit tools you don't want statuses for

note: codeclimate uploads the coverage report to codeclimate.com, rather than reports a status

Notes

As for security, yes anyone can now create a status on a build by pinging your end point. But nothing more. If they clone it, the way Runkit works is the clone will use that person's environment variables. So if they edit the code, whatever they do will only affect their account.

So as for creating statuses on your builds, it's basically harmless and not going to happen. A sneaky individual would need to go get your commit shas, etc, and fake it. Then when they do, what happens? An extra message appears in a PR on github. Who cares. Likely never going to happen since it's so useless outside of its precise purpose. But if I've missed something security-related, please let me know.

Contributing

We use commitizen, so run npm run cm to make commits. A command-line form will appear, requiring you answer a few questions to automatically produce a nicely formatted commit. Releases, semantic version numbers, tags and changelogs will automatically be generated based on these commits thanks to semantic-release.

TO DO:

  • Feel free to add more services such as Typescript, other test runners, etc.

Tests

Yea, it's pretty much self-testing. It runs itself in the CI server (Travis), and if it can't run itself, it's failing, but feel free to add some official unit tests.