Security News
PEP 810 Proposes Explicit Lazy Imports for Python 3.15
An opt-in lazy import keyword aims to speed up Python startups, especially CLIs, without the ecosystem-wide risks that sank PEP 690.
By Sarah Gooding - Oct 04, 2025
Introducing Socket Firewall: Free, Proactive Protection for Your Software Supply Chain.Learn More →
@beuluis/hook-cli
Advanced tools
hook-cli
A small hook cli
·
Report Bug
·
Request Feature
·
About The Project
A small hook cli that can be used with for example husky.
Disclaimer
I know that most of this stuff is already solved by some awesome tools. So this is really just a CLI playground for me.
Installation
npm i -D @beuluis/hook-cli
Usage
Run commands. For example using the hooks in .husky.
```bash
npx hook-cli [command] [...]
```
Commands
checkCommitMessageIssueKey
Check the pattern of a commit message
| Option | Description | Type | default |
|---|---|---|---|
-p, --prefix | Prefix of the issue key. | string | `` |
-m, --message | Get message from command line instead of file. | string | `` |
-w, --warn-only | If true only prints warning messages and do not exit with not zero code. | boolean | false |
Example usage
npx hook-cli checkCommitMessageIssueKey "$1" -p "HelloWorld"
npx hook-cli checkCommitMessageIssueKey .git/COMMIT_EDITMSG -p "KEY"
npx hook-cli checkCommitMessageIssueKey -m "KEY-12 message" -p "KEY"
npx hook-cli checkCommitMessageIssueKey -m "KEY-12 message" -p "KEY" -w
checkCommitMessagePattern
Check the pattern of a commit message
| Option | Description | Type | default |
|---|---|---|---|
-p, --pattern | Regex pattern to check the message against. | string | `` |
-m, --message | Get message from command line instead of file. | string | `` |
-w, --warn-only | If true only prints warning messages and do not exit with not zero code. | boolean | false |
Example usage
npx hook-cli checkCommitMessagePattern "$1" -p "HelloWorld"
npx hook-cli checkCommitMessagePattern .git/COMMIT_EDITMSG -p "HelloWorld"
npx hook-cli checkCommitMessagePattern -m "I say HelloWorld" -p "HelloWorld"
npx hook-cli checkCommitMessagePattern -m "I say HelloWorld" -p "HelloWorld" -w
checkForFileChanged
Check if a staged file like a changelog was changed locale or remote compared to another branch
| Option | Description | Type | default |
|---|---|---|---|
-b, --branch | Branch to compare to. | string | main |
-w, --warn-only | If true only prints warning messages and do not exit with not zero code. | boolean | false |
Example usage
npx hook-cli checkForFileChanged CHANGELOG.md
npx hook-cli checkForFileChanged CHANGELOG.md -b trunk
npx hook-cli checkForFileChanged CHANGELOG.md -w
npx hook-cli checkForFileChanged CHANGELOG.md -b trunk -w
checkForVulnerabilities
Runs a package audit and collects the results.
| Option | Description | Type | default |
|---|---|---|---|
-m, --package-manager | The package manager you want to use. Keep in mind that both package managers report differently. | yarn, npm | npm |
-l, --audit-level | The severity of the vulnerabilities what the script will report. | info, low, moderate, high, critical | critical |
-p, --prod | If true only run audit for prod dependencies and skip dev ones. | boolean | false |
-w, --warn-only | If true only prints warning messages and do not exit with not zero code. | boolean | false |
Example usage
npx hook-cli checkForVulnerabilities
npx hook-cli checkForVulnerabilities --package-manager yarn
npx hook-cli checkForVulnerabilities --audit-level low
npx hook-cli checkForVulnerabilities --warn-only
npx hook-cli checkForVulnerabilities --prod
npx hook-cli checkForVulnerabilities -l high -m yarn -w -p
checkPackageVersion
Check if the version field is the same for package.json and package-lock.json
| Option | Description | Type | default |
|---|---|---|---|
-w, --warn-only | If true only prints warning messages and do not exit with not zero code. | boolean | false |
Example usage
npx hook-cli checkPackageVersion
checkPackageVersionInFile
Check if the version field is the same for package.json and file
| Option | Description | Type | default |
|---|---|---|---|
-p, --json-path | Path in json file to check | string | `` |
-w, --warn-only | If true only prints warning messages and do not exit with not zero code. | boolean | false |
Example usage
npx hook-cli checkPackageVersionInFile hello.json -p 'path.version'
npx hook-cli checkPackageVersionInFile hello.json -p 'path.version' -w
updateReminder
Prints a list of packages that have updates.
| Option | Description | Type | default |
|---|---|---|---|
-m, --package-manager | The package manager you want to use. Keep in mind that both package managers report differently. | yarn, npm | npm |
-w, --warn-only | If true only prints warning messages and do not exit with not zero code. | boolean | false |
Example usage
npx hook-cli updateReminder
npx hook-cli updateReminder -m yarn
npx hook-cli updateReminder -w
npx hook-cli updateReminder -m yarn -w
Useful
- Print help page for command
npx hook-cli [command] --help
- Test command during development (Exit codes get not correctly forwarded).
npm run hook-cli -- [command]
- Test command during development with correct exi code.
npx tsx src/index.ts [command]
Keywords
FAQs
A small hook cli that can be used with for example husky
We found that @beuluis/hook-cli demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 21 Aug 2025
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
PodRocket Podcast: Inside the Recent npm Supply Chain Attacks
Socket CEO Feross Aboukhadijeh discusses the recent npm supply chain attacks on PodRocket, covering novel attack vectors and how developers can protect themselves.
By Sarah Gooding - Oct 02, 2025
Security News
Package Maintainers Call for Improvements to GitHub’s New npm Security Plan
Maintainers back GitHub’s npm security overhaul but raise concerns about CI/CD workflows, enterprise support, and token management.
By Sarah Gooding - Sep 30, 2025