{"id":19149964,"url":"https://github.com/smashingboxes/smashing-dev-tool","last_synced_at":"2025-09-01T03:06:41.227Z","repository":{"id":18248121,"uuid":"21400748","full_name":"smashingboxes/smashing-dev-tool","owner":"smashingboxes","description":null,"archived":false,"fork":false,"pushed_at":"2016-05-03T23:21:12.000Z","size":1952,"stargazers_count":1,"open_issues_count":3,"forks_count":2,"subscribers_count":35,"default_branch":"master","last_synced_at":"2025-08-04T07:54:07.409Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"CoffeeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/smashingboxes.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2014-07-01T20:00:17.000Z","updated_at":"2016-02-12T00:56:40.000Z","dependencies_parsed_at":"2022-09-14T01:32:59.388Z","dependency_job_id":null,"html_url":"https://github.com/smashingboxes/smashing-dev-tool","commit_stats":null,"previous_names":[],"tags_count":6,"template":false,"template_full_name":null,"purl":"pkg:github/smashingboxes/smashing-dev-tool","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/smashingboxes%2Fsmashing-dev-tool","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/smashingboxes%2Fsmashing-dev-tool/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/smashingboxes%2Fsmashing-dev-tool/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/smashingboxes%2Fsmashing-dev-tool/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/smashingboxes","download_url":"https://codeload.github.com/smashingboxes/smashing-dev-tool/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/smashingboxes%2Fsmashing-dev-tool/sbom","scorecard":{"id":833061,"data":{"date":"2025-08-11","repo":{"name":"github.com/smashingboxes/smashing-dev-tool","commit":"5d491c00f3b2615c30849f3c274c65d515df83cc"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":2.6,"checks":[{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Code-Review","score":0,"reason":"Found 0/15 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Pinned-Dependencies","score":-1,"reason":"no dependencies found","details":null,"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":0,"reason":"license file not detected","details":["Warn: project does not have a license file"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 20 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-23T18:15:00.133Z","repository_id":18248121,"created_at":"2025-08-23T18:15:00.133Z","updated_at":"2025-08-23T18:15:00.133Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":273068846,"owners_count":25039911,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-01T02:00:09.058Z","response_time":120,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-09T08:10:13.818Z","updated_at":"2025-09-01T03:06:41.200Z","avatar_url":"https://github.com/smashingboxes.png","language":"CoffeeScript","readme":"# Smashing Dev Tool\n\nThis is a WIP CLI for Smashing Boxes, focusing on frontend tooling and automation. By following the conventions this tool is built on, you can instantly add front end tooling and dev ops goodness to any Smashing Boxes project. Define which asset filetypes you want to include in your Smashfile and it will build a data model of your source code that can be manipulated and queried by other modules.\n\nThe goal of this project is to provide a general toolset for building optimized, well-tested client-side applications with or without backend integration. For this reason, no assumptions are made about 3rd-party libraries that might be used in a given project. Still, some assumptions must be made to maintain a relatively small set of all-purpose commands. Most of these assumptions are captured in `src/config/_smashfile.coffee` and can be overridden in the Smashfile for a given project.\n\n## Prerequisites\n\n+ [Node + NPM](http://nodejs.org/)\n+ [Bower](https://www.npmjs.com/package/bower)\n+ [CoffeeScript](https://www.npmjs.com/package/coffee-script)\n\n## Installation\n`smashing-dev-tool` is available via the NPM registry. It currently depends on Bower and CoffeeScript globally.\n\n```\n  $ npm install -g coffee-script bower smashing-dev-tool\n```\n\nThe `smash` command should now be available globally. Some commands are only available from inside a project with a valid `smashfile.coffee`.\n\n\n\n## Available Commands\n\n### Global\n\n+ `smash`: show available commands and options. Same as `smash help`.\n+ `smash new \u003cproject-name\u003e`: generate a new `smashing-dev-tool`-compatible project in a folder called `\u003cproject-name\u003e` and `bower install` dependencies for the chosen template\n\n### Per-project\n\n+ `smash compile`: compile the project source into unoptimized HTML, JS and CSS ready for the browser\n+ `smash serve`: run a BrowserSync-based development server and re-compile on file changes\n+ `smash build`: build the compiled source into a minified, otpimized set of files for deployment\n+ `smash docs`: generate a static documentation site for this codebase\n+ `smash clean`: remove all generated files (`/compile`, `/build`, `/docs`)\n+ `smash bump [patch|minor|major|prerelease]`: bump the version by the specified importance level and tag the repo (reuqires a `git init`'d project repo)\n\n---\n\n# `smash`-able Projects\n\n## Project Generation\n\n**Command**: `smash new \u003cproject-name\u003e`\n\nSmashing Dev Tool borrows from the [Slush](http://slushjs.github.io/) project to allow for straight-forward, stream-based scaffolding from templates. A template consists of a list of questions contained in `prompts.json`, a `bower.json` manifest containing dependencies needed by the template, and a `smashfile.coffee` that contains configuration used by the tool. The remaining files in a template have no restrictions, but should conform to the default folder assumptions (`/client`, `/compile`, `/build`, `/docs`) unless they are overridden in the included `smashfile.coffee`.\n\nDuring project generation, user input is gathered from the commandline and inserted into the template files using [gulp-template](https://github.com/sindresorhus/gulp-template). Variables can be used in template files as follows:\n\n`prompts.json`:\n```json\n[\n  {\n    \"name\": \"appName\",\n    \"message\": \"What is the name of your project?\",\n    \"default\": \"Sample Application\"\n  },\n  {\n    \"name\": \"appDescription\",\n    \"message\": \"What is the description?\",\n    \"default\": \"A sample application.\"\n  }\n]\n```\n\n`client/index.jade`:\n```jade\ndoctype html\nhead\n  title \u003c%= appNameSlug %\u003e\n\nbody\n  div.container\n    h1 \u003c%= appName %\u003e\n    p \u003c%= appDescription %\u003e\n```\n\nFiles prefixed with `_` will be copied to the destination as dotfiles (`_bowerrc` \u0026rArr; `.bowerrc`) in the generated project. All other files will be copied directly, preserving directory structure and replacing template tags with the appropriate values. After generation [gulp-install](https://github.com/slushjs/gulp-install) will run `bower install` and/or `npm install` inside the project directory. [gulp-conflict](https://github.com/slushjs/gulp-conflict) will prompt the user for action if the project directory contains file conflicts.\n\n_**Note**: at minimum, `appName` is required in `prompts.json` to create a project_\n\n_**Note**: the variable `appNameSlug` is a hyphen-delimited version of `appName` automatically generated and available for use within your templates._\n\n\n## Compling Code\n\n**Command**: `smash compile`\n\nThe compile phase transforms code located in `/client` into browser-ready code located in `/compile`. Preprocessors defined in the Smashfile are run against files with the appropriate extensions (`.coffee`, `.jade`, `.styl`, `.scss`, etc.). Other filetypes defined in the Smashfile are copied directly. The directory structure defined in the source folder (`/client` by default) is maintained in `/compile`.\n\n## Serving Code\n\n**Command**: `smash serve`\n\nFiles are served from `/compile` for development using [BrowserSync](http://www.browsersync.io/). Running `smash serve` will compile source files, start a BrowserSync server and open a browser to the server's URL. Changes to filetypes defined in the Smashfile will cause all connected browsers to refresh\n\n## Building Code\n\n**Command**: `smash build`\n\nThe build phase will first compile the code, then optimize the contents of `/compile` into a production-ready package. Options such as the name of the output folder (`/build` by default) and whether to build all source into a single file are controlled via the Smashfile.\n\n\n## Documentation Generation\n**Command**: `smash docs`\n\nSmashing Dev Tool currently uses [Groc](https://github.com/nevir/groc) to generate a static documentation site in `/docs`. A `.groc.json` file will be dynamically generated each time the command is run and contains settings required for Groc. These settings are based on the local `bower.json` and settings in `smashfile.coffee`.\n\n\n## Example Smashfile\n\nIn each project the `smashfile.coffee` file contains local config used by `smashing-dev-tool` to compile/build/document client-side assets. Default assumptions made by the tool can be overridden here on a per-project basis. The following configuration overrides many of the default assumptions, but for basic projects only the `assets` array is really needed.\n\n```coffee\nmodule.exports =\n\n  # Global filetype settings. Specifies which files `smashing-dev-tool` cares about.\n  assets: [\n    'coffee'\n    'js'\n    'jade'\n    'styl'\n    'json'\n  ]\n\n  # Global directory assumption overrides\n  dir:\n    client: 'WebContent'\n    server: 'src'\n\n  # Global image asset settings\n  images:\n    path: 'images'                   # override default image asset location (`/client/data/images`)\n\n  # Compile phase settings\n  compile:\n    copy: [                          # specify file glob patterns to copy directly\n      'client/**/*.data':''          # ex: '\u003cfile-pattern\u003e':'\u003cpath/within/compile/directory\u003e'\n    ]\n\n  # Build phase settings\n  build:\n    path:          'pkg'             # override default build path\n    html2js:       true              # compile HTML templates into a JS module\n    css2js:        true              # compile CSS styles into a JS module\n    includeIndex:  false             # include `index.{html,jade}` in built code\n    includeVendor: false             # include vendor libraries in built code\n    exclude: [                       # exclude glob patterns from built code\n      'client/index.jade'\n      'client/main/**/*'\n      'client/data/sample/**/*'\n    ]\n    styles:\n      out: 'sample-app.min.css'      # override default concat'd styles filename (css2js)\n      order: [                       # re-order styles for injection and concatenation\n        'app.css'\n        '**/*.css'\n      ]\n    scripts:\n      out: 'sample-app.min.js'       # override default concat'd scripts filename\n      order: [                       # re-order scripts for injection and concatenation\n        '**/jquery.js'\n        '**/*jquery*.*'\n        '**/angular.js'\n        '**/*angular*.*.js'\n        'components/vendor/**/*.js'\n        'app.js'\n      ]\n    views:\n      out: 'sample-app-views.js'     # override default concat'd views filename (html2js)\n\n    alternates: [\n      [\n        'client/app.coffee',         # use `client/app.coffee` during compile and serve\n        'client/app-build.coffee'    # use `client/app-build.coffee` when building for production\n      ]\n    ]\n```\n\n_**Note**: the Smashfile format changes frequently as we attempt to strike a balance between convention and configuration._\n\n\n## TODO/Future\n+ Automated testing of source code (unit, e2e)\n+ Integration with the [taperole](https://github.com/smashingboxes/taperole) provisioning/deployment tool\n+ API mocking, test data generation\n+ UI/UX deliverables generated from source code (style tiles, style guide, etc.)\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsmashingboxes%2Fsmashing-dev-tool","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsmashingboxes%2Fsmashing-dev-tool","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsmashingboxes%2Fsmashing-dev-tool/lists"}