{"id":13941302,"url":"https://github.com/ehmicky/dev-tasks","last_synced_at":"2026-02-13T00:02:15.613Z","repository":{"id":40985399,"uuid":"171259146","full_name":"ehmicky/dev-tasks","owner":"ehmicky","description":"Automated development tasks for my own projects","archived":false,"fork":false,"pushed_at":"2025-10-11T04:42:09.000Z","size":23469,"stargazers_count":7,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2026-02-12T08:29:40.506Z","etag":null,"topics":["babel","cli","code-quality","continuous-integration","es6","eslint","github-actions","gulp","gulp-tasks","gulpjs","javascript","json","library","markdown","nodejs","npm","npmjs","shell","terminal","testing"],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ehmicky.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-02-18T10:01:07.000Z","updated_at":"2025-10-11T04:42:13.000Z","dependencies_parsed_at":"2023-02-19T11:31:38.872Z","dependency_job_id":"c26ca08d-aa6c-4a9f-8734-a7da9cef4635","html_url":"https://github.com/ehmicky/dev-tasks","commit_stats":{"total_commits":2692,"total_committers":3,"mean_commits":897.3333333333334,"dds":"0.0070579494799405396","last_synced_commit":"5bb4dedb76bf342575f2b79258db0e0c1d3c17a0"},"previous_names":["ehmicky/gulp-shared-tasks"],"tags_count":717,"template":false,"template_full_name":null,"purl":"pkg:github/ehmicky/dev-tasks","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ehmicky%2Fdev-tasks","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ehmicky%2Fdev-tasks/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ehmicky%2Fdev-tasks/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ehmicky%2Fdev-tasks/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ehmicky","download_url":"https://codeload.github.com/ehmicky/dev-tasks/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ehmicky%2Fdev-tasks/sbom","scorecard":{"id":369634,"data":{"date":"2025-08-11","repo":{"name":"github.com/ehmicky/dev-tasks","commit":"a3b92861f216fe700554f5ddae905cb172e4cd19"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3.8,"checks":[{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Maintained","score":6,"reason":"8 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 6","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/build.yml:1","Warn: no topLevel permission defined: .github/workflows/workflow.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Code-Review","score":0,"reason":"Found 0/30 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"SAST","score":0,"reason":"no SAST tool detected","details":["Warn: no pull requests merged into dev branch"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Pinned-Dependencies","score":3,"reason":"dependency not pinned by hash detected -- score normalized to 3","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/ehmicky/dev-tasks/build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/ehmicky/dev-tasks/build.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/ehmicky/dev-tasks/build.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/ehmicky/dev-tasks/build.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/workflow.yml:5: update your workflow using https://app.stepsecurity.io/secureworkflow/ehmicky/dev-tasks/workflow.yml/main?enable=pin","Info:   0 out of   3 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   2 third-party GitHubAction dependencies pinned","Info:   1 out of   1 npmCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'main'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Vulnerabilities","score":6,"reason":"4 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-xffm-g5w8-qvg7","Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw","Warn: Project is vulnerable to: GHSA-52f5-9888-hmc6","Warn: Project is vulnerable to: GHSA-cxrh-j4jr-qwg3"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-18T12:40:33.336Z","repository_id":40985399,"created_at":"2025-08-18T12:40:33.336Z","updated_at":"2025-08-18T12:40:33.336Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29387683,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-12T22:07:52.078Z","status":"ssl_error","status_checked_at":"2026-02-12T22:07:49.026Z","response_time":55,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["babel","cli","code-quality","continuous-integration","es6","eslint","github-actions","gulp","gulp-tasks","gulpjs","javascript","json","library","markdown","nodejs","npm","npmjs","shell","terminal","testing"],"created_at":"2024-08-08T02:01:16.072Z","updated_at":"2026-02-13T00:02:15.575Z","avatar_url":"https://github.com/ehmicky.png","language":"JavaScript","funding_links":[],"categories":["JavaScript"],"sub_categories":[],"readme":"[![Node](https://img.shields.io/badge/-Node.js-808080?logo=node.js\u0026colorA=404040\u0026logoColor=66cc33)](https://www.npmjs.com/package/@ehmicky/dev-tasks)\n[![Browsers](https://img.shields.io/badge/-Browsers-808080?logo=firefox\u0026colorA=404040)](https://www.npmjs.com/package/@ehmicky/dev-tasks)\n[![Mastodon](https://img.shields.io/badge/-Mastodon-808080.svg?logo=mastodon\u0026colorA=404040\u0026logoColor=9590F9)](https://fosstodon.org/@ehmicky)\n[![Medium](https://img.shields.io/badge/-Medium-808080.svg?logo=medium\u0026colorA=404040)](https://medium.com/@ehmicky)\n\nAutomated development tasks (linting, testing, building) for\nJavaScript/TypeScript code (Node.js and/or browsers).\n\nThis is used in my own projects. This is not meant to be shared and semantic\nversioning is not followed.\n\nThe task runner is [Gulp](https://gulpjs.com/), but you don't need to know Gulp\nto use these tasks.\n\nAlso, Docker must be installed globally and executable by the current user\nwithout `sudo`.\n\n# Workflow\n\nCode is compiled from the `src` to the `build` directory using\n[Babel](https://babeljs.io), so you can use the latest JavaScript features.\n\nLinting and formatting are performed with [ESLint](https://eslint.org),\n[Prettier](https://prettier.io), [Jscpd](https://github.com/kucherenko/jscpd)\nand [lychee](https://lychee.cli.rs). We recommend using plugins with your IDE\n(code editor) for both Prettier and ESLint so that linting/formatting is\nperformed as you code.\n\nWe use [Ava](https://github.com/avajs/ava) to run tests. Each line of code must\nbe tested.\n\nWe use [tsd](https://github.com/SamVerschueren/tsd) to test TypeScript types.\nEach export must be fully typed using either TypeScript regular files (`*.ts`)\nor ambient files (`*.d.ts`).\n\n# Usage\n\nAny task can be run using `gulp` for example:\n\n```bash\ngulp build\n```\n\nIf you're on `cmd.exe` (Windows) use `npx gulp ...` instead.\n\n# Overview\n\nThe main commands are:\n\n- [`gulp build`](#gulp-build): build source files and test files. Must be run\n  before running any code or unit tests.\n- [`gulp check`](#gulp-check): lint/format the JavaScript and TypeScript files.\n- [`gulp type`](#gulp-type): run TypeScript type tests.\n- [`gulp unit`](#gulp-unit): run unit tests.\n- [`gulp test`](#gulp-test): perform all of the above tasks.\n\nUse `gulp buildWatch`, `gulp typeWatch`, and `gulp unitWatch` to run them in\nwatch mode.\n\n[GitHub actions](https://github.com/features/actions) ensures that:\n\n- tests pass on all supported environments.\n- all source files are covered by tests and follow the same coding style.\n\n# Available tasks\n\n## `gulp build`\n\nBuild source files and test files:\n\n- JavaScript and TypeScript files are transpiled with\n  [Babel](https://babeljs.io/).\n- Other files are copied as is.\n\nSource files and test files are built from the `src` directory to the\n`build/src` directory.\n\nThis must be done before linting or running any code or unit tests.\n\nTo add TypeScript types, use either:\n\n- Regular TypeScript files (`*.ts`). An ambient file is automatically created by\n  [`tsc --declaration`](https://www.typescriptlang.org/tsconfig#declaration).\n- JavaScript files (`*.js`) and ambient files (`*.d.ts`). Ambient files are\n  copied as is.\n\n## `gulp check`\n\nLint and check source files:\n\n- format JavaScript and TypeScript files with\n  [Prettier](https://github.com/ehmicky/prettier-config).\n- lint and\n  [autofix](https://eslint.org/docs/user-guide/command-line-interface#fixing-problems)\n  JavaScript and TypeScript files using [ESLint](https://eslint.org/) (see the\n  [coding style](https://github.com/ehmicky/eslint-config#coding-style)).\n- find duplicated code with [Jscpd](https://github.com/kucherenko/jscpd).\n- detect dead links with [lychee](https://lychee.cli.rs/).\n\n## `gulp type`\n\nRun TypeScript type tests with [tsd](https://github.com/SamVerschueren/tsd). The\ntype tests must be named `*.test-d.ts`.\n\n## `gulp unit`\n\nRun unit tests with [Ava](https://github.com/avajs/ava). The test files must be\nnamed `*.test.js`.\n\nTo specify\n[Ava options](https://github.com/avajs/ava/blob/master/docs/05-command-line.md),\nplease call `ava` directly instead. For example: `ava --update-snapshots`.\n\nTo target a single test file, use `ava build/test/file.test.js` not\n`ava test/file.test.js`.\n\n## `gulp test`\n\nRuns [`gulp build`](#gulp-build) then [`gulp check`](#gulp-check) then\n[`gulp type`](#gulp-type) and [`gulp unit`](#gulp-unit).\n\nThis is performed on CI ([GitHub actions](https://github.com/features/actions))\nfor each OS (Windows, Mac, Linux) and supported Node.js version.\n\n## `gulp buildWatch`, `gulp typeWatch`, `gulp unitWatch`, `gulp warnWatch`\n\nLike `gulp build`, `gulp type`, `gulp unit` and `gulp warn` but in watch mode.\nThe watch mode works even when installing/updating/uninstalling dependencies or\nchanging the Gulp tasks themselves.\n\nThey can be performed together, e.g. `gulp buildWatch` in one terminal tab and\n`gulp unitWatch` in another.\n\n# Other tasks\n\n## `gulp links`\n\nDetect dead links with [lychee](https://lychee.cli.rs/).\n\n## `gulp warn`\n\nCheck for security vulnerabilities (using\n[`npm audit`](https://docs.npmjs.com/cli/audit)) and outdated dependencies\n(using [`npm outdated`](https://docs.npmjs.com/cli/outdated)).\n\n## `gulp releasePatch`, `gulp releaseMinor`, `gulp releaseMajor`\n\nRelease a new patch/minor/major version on npm and GitHub using\n[`release-it`](https://github.com/webpro/release-it).\n\n`npm publish` must be performed locally afterwards.\n\nOnly the repository owner can perform these tasks.\n\n## `gulp unitCoverage`\n\nLike `gulp unit` but also compute test coverage.\n\n# Custom tasks\n\nRepositories with a `gulp` top-level directory have additional tasks. Please\ncheck those files to see which custom tasks are available.\n\n# Support\n\nFor any question, _don't hesitate_ to [submit an issue on GitHub](../../issues).\n\nEveryone is welcome regardless of personal background. We enforce a\n[Code of conduct](CODE_OF_CONDUCT.md) in order to promote a positive and\ninclusive environment.\n\n# Contributing\n\nThis project was made with ❤️. The simplest way to give back is by starring and\nsharing it online.\n\nIf the documentation is unclear or has a typo, please click on the page's `Edit`\nbutton (pencil icon) and suggest a correction.\n\nIf you would like to help us fix a bug, please check our\n[guidelines](CONTRIBUTING.md). Pull requests are welcome!\n\n\u003c!-- Thanks go to our wonderful contributors: --\u003e\n\n\u003c!-- ALL-CONTRIBUTORS-LIST:START --\u003e\n\u003c!-- prettier-ignore --\u003e\n\u003c!--\n\u003ctable\u003e\u003ctr\u003e\u003ctd align=\"center\"\u003e\u003ca href=\"https://fosstodon.org/@ehmicky\"\u003e\u003cimg src=\"https://avatars2.githubusercontent.com/u/8136211?v=4\" width=\"100px;\" alt=\"ehmicky\"/\u003e\u003cbr /\u003e\u003csub\u003e\u003cb\u003eehmicky\u003c/b\u003e\u003c/sub\u003e\u003c/a\u003e\u003cbr /\u003e\u003ca href=\"https://github.com/ehmicky/dev-tasks/commits?author=ehmicky\" title=\"Code\"\u003e💻\u003c/a\u003e \u003ca href=\"#design-ehmicky\" title=\"Design\"\u003e🎨\u003c/a\u003e \u003ca href=\"#ideas-ehmicky\" title=\"Ideas, Planning, \u0026 Feedback\"\u003e🤔\u003c/a\u003e \u003ca href=\"https://github.com/ehmicky/dev-tasks/commits?author=ehmicky\" title=\"Documentation\"\u003e📖\u003c/a\u003e\u003c/td\u003e\u003c/tr\u003e\u003c/table\u003e\n--\u003e\n\u003c!-- ALL-CONTRIBUTORS-LIST:END --\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fehmicky%2Fdev-tasks","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fehmicky%2Fdev-tasks","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fehmicky%2Fdev-tasks/lists"}