New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details →
Socket
Book a DemoSign in
Socket
Book a DemoSign in

create-sourcebit

Package Overview
Dependencies
Maintainers
11
Versions
17
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

create-sourcebit

Create and configure a Sourcebit installation

latest
Source
npmnpm
Version
0.10.0
Version published
Weekly downloads
5
150%
Maintainers
11
Weekly downloads
 
Created
Source

create-sourcebit

npm version

An interactive setup process for Sourcebit

Introduction

Sourcebit uses a configuration file of sourcebit.js to define and configure all of its plugins. While this file can be created manually, this command-line interface provides an interactive setup that gathers enough information about the user's environment and content architecture to create a working configuration.

Every Sourcebit plugin must define the questions that should be asked and process the answers. This takes place via the getSetup and getOptionsFromSetup methods.

Plugin registry

The list of plugins offered by the interactive setup process is pulled from the plugins.json file in the root of the repository. It's an array of objects with the following properties:

  • module (String): The name of the plugin's npm module
    • Example: sourcebit-source-contentful
  • description (String): A human-friendly description of the plugin
    • Example: A Contentful source plugin for Sourcebit
  • author (String): The name/handle of the plugin's author
    • Example: John Doe <john.doe@example.com>
  • type (enum: source|target): The type of plugin
    • Example: source

plugins.json

[
    {
        "module": "/Users/eduardoboucas/Sites/sourcebit-source-contentful",
        "description": "A Contentful source plugin for Sourcebit",
        "author": "Stackbit",
        "type": "source"
    },
    {
        "module": "/Users/eduardoboucas/Sites/sourcebit-target-jekyll",
        "description": "A Sourcebit plugin for Jekyll",
        "author": "Stackbit",
        "type": "target"
    }
]

Local plugin registry

You can create your own plugins.json file and tell the setup process to use it. This is useful when you're developing a plugin locally and you want it to appear on the list of available plugins without having to publish it to the official registry.

To use a local plugin registry, create a file with the structure above and start the setup process with the --plugins flag pointing to its path.

npx create-sourcebit --plugins=./my-plugins.json

Keywords

headless
headless-cms
jamstack
ssg

FAQs

Package last updated on 06 Jul 2020

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Axios Maintainer Confirms Social Engineering Attack Behind npm Compromise

Security News

Axios Maintainer Confirms Social Engineering Attack Behind npm Compromise

Axios compromise traced to social engineering, showing how attacks on maintainers can bypass controls and expose the broader software supply chain.

By Sarah Gooding  -  Apr 02, 2026