Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@asyncapi/cli
Advanced tools
CLI to work with your AsyncAPI files. Currently supports validation, but it is under development for more features.
To run @asyncapi/cli
, you'll need Node.js >=v10
Run this terminal command to check your Node.js version:
node -v
If you don't have Node.js installed or NPM, simply install both via package manager
Run this command to install the CLI globally on your system:
npm install -g @asyncapi/cli
This installs the cli globaly on your system allowing you to run it from anywhere. If you want to install it locally, just remove the -g
flag.
Cli will be available for installation brew and other app managers for other systems.
As of now, the @asyncapi/cli
only supports validation of the specification file. (This is still under development for more features.)
We have well-documented help commands so just run:
asyncapi --help
It should print something like:
All in one CLI for all AsyncAPI tools
USAGE
$ asyncapi [COMMAND]
COMMANDS
config access configs
help display help for asyncapi
new creates a new asyncapi file
validate validate asyncapi file
Read CONTRIBUTING guide.
Follow these steps:
npm install
to install all the required dependenciesnpm run test
to make sure everything is properly set up.UX developed for the CLI should be compliant with Command Line Interface Guideline
We are following verb + noun
and namespace + noun + [verb]
pattern for making our commands and arguments. For example asyncapi validate <spec-file-path>
and asyncapi config context add <context-name> <spec-file-path>
.
FAQs
All in one CLI for all AsyncAPI tools
The npm package @asyncapi/cli receives a total of 20,794 weekly downloads. As such, @asyncapi/cli popularity was classified as popular.
We found that @asyncapi/cli demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.