{"id":42215077,"url":"https://github.com/abcnews/aunty","last_synced_at":"2026-01-27T01:11:43.870Z","repository":{"id":16047784,"uuid":"79186948","full_name":"abcnews/aunty","owner":"abcnews","description":"A toolkit for working with ABC News projects","archived":false,"fork":false,"pushed_at":"2025-12-12T00:28:02.000Z","size":6518,"stargazers_count":32,"open_issues_count":28,"forks_count":3,"subscribers_count":5,"default_branch":"main","last_synced_at":"2025-12-13T06:03:49.628Z","etag":null,"topics":["abc","babel","build-tool","cli","javascript","jest","news","preact","react","svelte","tool","vue","webpack"],"latest_commit_sha":null,"homepage":"https://www.npmjs.com/package/@abcnews/aunty","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/abcnews.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2017-01-17T04:07:14.000Z","updated_at":"2025-12-12T00:28:06.000Z","dependencies_parsed_at":"2024-01-26T03:26:40.468Z","dependency_job_id":"12118158-76ae-4e6b-b9d9-ede5c950f703","html_url":"https://github.com/abcnews/aunty","commit_stats":{"total_commits":608,"total_committers":11,"mean_commits":55.27272727272727,"dds":0.5986842105263157,"last_synced_commit":"13cc08b1c8034ae21447b919c5c4377529399496"},"previous_names":[],"tags_count":136,"template":false,"template_full_name":null,"purl":"pkg:github/abcnews/aunty","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/abcnews%2Faunty","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/abcnews%2Faunty/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/abcnews%2Faunty/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/abcnews%2Faunty/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/abcnews","download_url":"https://codeload.github.com/abcnews/aunty/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/abcnews%2Faunty/sbom","scorecard":{"id":160053,"data":{"date":"2025-08-11","repo":{"name":"github.com/abcnews/aunty","commit":"6125e2e5f88b78bd386ea503d4e63aeb75c342c5"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":2.8,"checks":[{"name":"Code-Review","score":3,"reason":"Found 5/14 approved changesets -- score normalized to 3","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/tests.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yml:9: update your workflow using https://app.stepsecurity.io/secureworkflow/abcnews/aunty/tests.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/abcnews/aunty/tests.yml/main?enable=pin","Warn: npmCommand not pinned by hash: .github/workflows/tests.yml:15","Info: 0 out of 2 GitHub-owned GitHubAction dependencies pinned","Info: 0 out of 1 npmCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'main'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 21 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":0,"reason":"38 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8","Warn: Project is vulnerable to: GHSA-h5c3-5r3r-rr8q","Warn: Project is vulnerable to: GHSA-rmvr-2pp2-xj38","Warn: Project is vulnerable to: GHSA-xx4v-prfh-6cgc","Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7","Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw","Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg","Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x","Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275","Warn: Project is vulnerable to: GHSA-ghr5-ch3p-vcr6","Warn: Project is vulnerable to: GHSA-rv95-896h-c2vc","Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx","Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc","Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp","Warn: Project is vulnerable to: GHSA-fjxv-7rqg-78g4","Warn: Project is vulnerable to: GHSA-c7qv-q95q-8v27","Warn: Project is vulnerable to: GHSA-4www-5p9h-95mh","Warn: Project is vulnerable to: GHSA-9gqv-wp59-fq42","Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22","Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp","Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv","Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55","Warn: Project is vulnerable to: GHSA-76c9-3jph-rj3q","Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j","Warn: Project is vulnerable to: GHSA-rhx6-c78j-4q9w","Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw","Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg","Warn: Project is vulnerable to: GHSA-76p7-773f-r4q5","Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p","Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36","Warn: Project is vulnerable to: GHSA-52f5-9888-hmc6","Warn: Project is vulnerable to: GHSA-cchq-frgv-rjh5","Warn: Project is vulnerable to: GHSA-g644-9gfx-q4q4","Warn: Project is vulnerable to: GHSA-4vvj-4cpr-p986","Warn: Project is vulnerable to: GHSA-wr3j-pwj9-hqq6","Warn: Project is vulnerable to: GHSA-4v9v-hfq4-rm2v","Warn: Project is vulnerable to: GHSA-9jgg-88mc-972h","Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-16T13:08:17.487Z","repository_id":16047784,"created_at":"2025-08-16T13:08:17.487Z","updated_at":"2025-08-16T13:08:17.487Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28794938,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-27T01:07:07.743Z","status":"ssl_error","status_checked_at":"2026-01-27T01:07:06.974Z","response_time":59,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["abc","babel","build-tool","cli","javascript","jest","news","preact","react","svelte","tool","vue","webpack"],"created_at":"2026-01-27T01:11:43.387Z","updated_at":"2026-01-27T01:11:43.855Z","avatar_url":"https://github.com/abcnews.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# @abcnews/aunty\n\nA toolkit for working with ABC News projects\n\n## Installation\n\nTo use the CLI to create new projects, install the latest aunty release globally:\n\n```bash\nnpm install --global @abcnews/aunty\n```\n\nProjects based on aunty's project templates already have aunty listed as a local dependency, locked to the version used to create it.\n\n## Usage\n\nFor usage instructions, run `aunty` with no arguments, or for details on specific commands, run:\n\n```bash\naunty help \u003ccommand\u003e\n```\n\nThe CLI contains four types of command, grouped by purpose:\n\n- Creating new projects (`new`, `init`)\n- Generating stuff (`generate`) like components\n- Developing projects (`clean`, `build`, `serve`, `test`)\n- Deploying (un)versioned projects (`deploy`, `release`)\n\n### Starting projects\n\nWhen creating new projects, you should be using the global **aunty**:\n\n```bash\n/some/parent/directory $ aunty new\n```\n\nor, from within a (preferably empty) directory:\n\n```bash\n/some/parent/directory/my-project $ aunty init\n```\n\n### Developing projects\n\nWhen working inside a project directory that has the aunty dependency installed, you'll automatically be running that local `aunty`:\n\n```bash\n/some/parent/directory/my-project $ aunty \u003cbuild|serve|...\u003e [options]\n```\n\nThis ensures that any changes to future versions of aunty won't impact your project, and you can manually update the local aunty when you're ready to accommodate those changes.\n\nProject-level commands can use an optional configuration, which you can either export from a project-level `aunty.config.js` file:\n\n```js\nmodule.exports = {\n type: '\u003cproject_type\u003e',\n // aunty command configuration\n build: {…},\n serve: {…},\n deploy: [{…}],\n // internal tools configuration\n babel: {…},\n jest: {…},\n webpack: {…},\n webpackDevServer: {…}\n};\n```\n\n...or add to your `package.json` file as an `aunty` property:\n\n```js\n\"aunty\": {\n \"type\": \"\u003cproject_type\u003e\",\n \"build\": {…},\n \"serve\": {…},\n \"deploy\": [{…}],\n \"babel\": {…},\n \"jest\": {…},\n \"webpack\": {…},\n \"webpackDevServer\": {…}\n}\n```\n\nFor example to include a package that needs to be pre-processed, include in `aunty.config.js`\n\n```js\nmodule.exports = {\n build: {\n includedDependencies: [\"runed\"],\n },\n};\n```\n\nSupported project `type`s (currently: `basic`, `preact`, `react` \u0026 `svelte`) have their own default build configuration, but you can override it by extending your project configuration.\n\nThe `build`, `serve` and `deploy` properties allow you to override the default settings for those respective commands. Their respective properties (and default values) are documented below.\n\nAunty uses some tools internally, which you can also provide custom configuration for. If you supply an object for the `babel`, `jest`, `webpack`, and/or `webpackDevServer` properties, that object will be merged into the default configuration. Optionally, you can supply a function (for any property), which will be passed the default configuration for you to manually modify and return.\n\nIf you're looking to see what the default configuration is for any command (and their internal tools), or the impact of your additions, you can always perform a dry run of the command by using the `--dry` (or `-d`) flag:\n\n```bash\n/some/parent/directory/my-project $ aunty serve --dry\n```\n\nOverrides should be used sparingly, as the advantages of using a single-dependency toolkit are most apparent when we don't deviate far from the defaults.\n\nIf you don't need to override any of the project defaults, your entire aunty configuration can be a string containing the project type, as a shorthand for `{type: \"\u003cproject_type\u003e\"}`. `type` is the only required property in your aunty configuration.\n\n#### `build` config properties\n\n| property | default | description |\n| ---------------------- | ---------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |\n| `entry` | `\"index\"` | The entry file for your project (extension should be unspecified). You can optionally supply an array for multiple entry points, which will result in multiple outputs. |\n| `from` | `\"src\"` | The source directory that aunty will look for your entry file(s) in. |\n| `to` | `\".aunty/build\"` | The destination directory for your compiled and static assets. |\n| `staticDir` | `\"public\"` | The directory you store static assets in. You can optionally supply an array of directories, which will be merged at build time. |\n| `addModernJS` | `false` | Setting this to true will enable a 2nd output file for each entry file named `{name}.modern.js`, which is skips browserlist-based feature polyfilling |\n| `includedDependencies` | `[]` | Any packages (defined by name string or name-matching `RegExp`s) you add to this array will be transpiled in the same manner as the project source. |\n| `extractCSS` | `false` | Setting this to true will create a separate `{name}.css` output for each input, rather than bundling it with the JS (for dynamic `\u003cstyle\u003e` insertion). |\n| `useCSSModules` | `true` | Setting this to false will turn off CSS module compilation. All styles written will be 'global', and importing CSS files will not give you an object of `className` references. |\n| `showDeprecations` | `false` | Setting this to true will allow NodeJS to output stack traces of deprecation warnings. |\n\n#### `serve` config properties\n\n| property | default | description |\n| ------------------- | ------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |\n| `hasBundleAnalysis` | `false` | Setting this to true will spin up a second server on another port, allowing you to inspect your bundle. The address will be logged to the console when the dev server starts. |\n| `host` | `\"localhost\"` | The hostname of your dev server. If you're on the ABC internal network, the default will change to your machine's hostname (`ws\u003cnumber\u003e.aus.aunty.abc.net.au`). The `AUNTY_HOST` environment variable, if present, will override this setting. |\n| `hot` | `true` | Should the dev server enable hot reloading. If `NODE_ENV !== \"development\"`, the default will change to `false`. |\n| `https` | `true` | Should the dev server use SSL (with a self-signed certificate matching the `host`). You can alternatively supply your own `{cert: string, key: string}` object if you've generated your certificate some other way. |\n| `port` | `8000` | The port number of your dev server. If the port specified is unavailable, **aunty** will try incrementing the port number until it finds an available one. The `AUNTY_PORT` environment variable, if present, will override this setting. |\n\n#### `deploy` config properties\n\n`deploy` should be an array of config objects, one for each deployment target (e.g. ContentFTP)\n\n| property | default | description |\n| ------------------- | ----------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |\n| `from` | build config `to` value | The directory to deploy files from (if you haven't overridden the build `to` value, it should be \".aunty/build\") |\n| `files` | `\"**\"` | A glob matching the files under your `from` directory to deploy |\n| `profile` | `\"contentftp\"` | This should be the name of a key in your `~/.abc-credentials` file, which will be consulted to populate login credentials. If this is `\"contentftp\"` it will also populate the config's `to` and `resolvePublicPath` properties. |\n| `publicPath` | `\"/\"` | If `resolvePublicPath` is defined, `publicPath` will be overwritten by the return value of that function. |\n| `resolvePublicPath` | `undefined` | A function which takes the initial config as an object, and returns an updated `publicPath`. If `profile=\"contentftp\"`, this will be a function that knows how ContentFTP directories map onto ABC URLs. |\n| `to` | `undefined` | The directory on your target to deploy files to. If `profile=\"contentftp\"` , this will be a versioned directory where we deploy News projects to. If you set this to a string, the patterns `\u003cname\u003e` and `\u003cid\u003e` will be replaced by the project name, and the current deployment ID, respectively. During releases, `id` is the current version; during development, it's the current git branch name. You can also specify a custom deployment ID by using the `--id` flag when running `aunty build`. |\n\nYou _could_ also specify `type` (`\"ftp\"`/`\"ssh\"`), `host`, `port`, `username` \u0026 `password`, but these are best left inside your `.abc-credentials` file.\n\n### Generators\n\nAunty comes with a few basic generators. Run `aunty generate --help` for the full list, or `aunty generate \u003cgenerator\u003e --help` for further details.\n\n## Authors\n\n- Colin Gourlay\n- Simon Elvery ([elvery.simon@abc.net.au](mailto:elvery.simon@abc.net.au))\n- Joshua Byrd ([byrd.joshua@abc.net.au](mailto:byrd.joshua@abc.net.au))\n- Nathan Hoad\n\n## Thanks\n\nThis project was originally inspired by [nwb](https://github.com/insin/nwb), a React/Preact/Inferno toolkit by [Jonny Buchanan](https://twitter.com/jbscript). If you're looking to develop your own toolkit, Jonny's created a fantastic [guide](https://github.com/insin/ad-hoc-reckons) to get you started.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fabcnews%2Faunty","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fabcnews%2Faunty","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fabcnews%2Faunty/lists"}