Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
The Box CLI is a user-friendly command line tool which allows both technical and non-technical users to leverage the Box API to perform routine or bulk actions. There is no need to write any code, as these actions are executed through a set of commands.
Among other features, Box CLI includes the following functionality:
The most convenient way to get start with Box CLI is to follow Box CLI with OAuth 2.0 guide. You will be guided how to configure Box application and install CLI on your machine.
Installers are available for Windows and macOS. However, the raw source-code is available if you would like to build the CLI in other environments.
To install the latest CLI on your machine, download the latest .exe
for Windows or .pkg
for macOS for the latest release.
Additionally, the CLI can be installed as a Node package on any platform, including Linux. For this to work, you will need to have Node JS installed on your machine.
npm install --global @box/cli
Alternatively, to get started with the Box CLI, download and install CLI, set up a Box application using Server Authentication with JWT and download the JSON configuration file from the Configuration page of your app in the Box Developer Console following JWT CLI Guide. Then, set up the CLI by pointing it to your configuration file:
$ box configure:environments:add PATH_TO_CONFIG_FILE
Successfully added CLI environment "default"
If you manually generated your own private key to use with JWT authentication, you will need to point the CLI to the location of your private key file:
$ box configure:environments:add PATH_TO_CONFIG_FILE --private-key-path PATH_TO_PRIVATE_KEY --name ManualKey
Successfully added CLI environment "ManualKey"
$ box --version
box-cli/0.0.0 darwin-x64 node-v10.10.0
$ box users:get --help
Get information about a Box user
USAGE
$ box users:get [ID]
ARGUMENTS
ID [default: me] ID of the user to get; defaults to the current user
OPTIONS
-h, --help Show CLI help
-s, --save Save report to default reports folder on disk
-t, --token=token Provide a token to perform this call
-v, --verbose Show verbose output, which can be helpful for debugging
-y, --yes Automatically respond yes to all confirmation prompts
--as-user=as-user Provide an ID for a user
--bulk-file-path=bulk-file-path File path to bulk .csv or .json objects
--csv Output formatted CSV
--fields=fields Comma separated list of fields to show
--json Output formatted JSON
--no-color Turn off colors for logging
--save-to-file-path=save-to-file-path Override default file path to save report
$ box users:get
Type: user
ID: '77777'
Name: Example User
Login: user@example.com
Created At: '2016-12-07T17:30:40-08:00'
Modified At: '2018-11-15T17:33:06-08:00'
Language: en
Timezone: America/Los_Angeles
Space Amount: 10737418240
Space Used: 53569393
Max Upload Size: 5368709120
Status: active
Job Title: ''
Phone: ''
Address: ''
Avatar URL: 'https://app.box.com/api/avatar/large/77777'
box ai
- Sends an AI request to supported LLMs and returns an answerbox autocomplete
- Display autocomplete installation instructionsbox collaboration-allowlist
- List collaboration allowlist entriesbox collaborations
- Manage collaborationsbox collections
- List your collectionsbox comments
- Manage comments on filesbox configure
- Configure the Box CLIbox device-pins
- List all the device pins for your enterprisebox events
- Get eventsbox file-requests
- Copies existing file request to new folderbox files
- Manage filesbox folders
- Manage foldersbox groups
- List all groupsbox help
- Display help for the Box CLIbox integration-mappings
- List Slack integration mappingsbox legal-hold-policies
- List legal hold policiesbox login
- Sign in with OAuth and set a new environment or update an existing if reauthorize flag is usedbox metadata-cascade-policies
- List the metadata cascade policies on a folderbox metadata-query
- Create a search using SQL-like syntax to return items that match specific metadatabox metadata-templates
- Get all metadata templates in your Enterprisebox oss
- Print a list of open-source licensed packages used in the Box CLIbox recent-items
- List information about files accessed in the past 90 days up to a 1000 itemsbox request
- Manually specify a Box API requestbox retention-policies
- List all retention policies for your enterprisebox search
- Search for files and folders in your Enterprisebox shared-links
- Manage shared linksbox sign-requests
- List sign requestsbox sign-templates
- List sign templatesbox storage-policies
- List storage policiesbox tasks
- Manage tasksbox terms-of-service
- List terms of services for your enterprisebox tokens
- Get a token. Returns the service account token by defaultbox trash
- List all items in trashbox users
- List all Box usersbox watermarking
- Apply a watermark on an itembox web-links
- Manage web linksbox webhooks
- List all webhooksBrowse the issues tickets! Or, if that doesn't work, file a new one and someone will get back to you. If you have general questions about the Box API, you can post to the Box Developer Forum.
We use a modified version of Semantic Versioning for all changes. See version strategy for details which is effective from 30 July 2022.
Only the current MAJOR version of SDK is supported. New features, functionality, bug fixes, and security updates will only be added to the current MAJOR version.
A current release is on the leading edge of our SDK development, and is intended for customers who are in active development and want the latest and greatest features. Instead of stating a release date for a new feature, we set a fixed minor or patch release cadence of maximum 2-3 months (while we may release more often). At the same time, there is no schedule for major or breaking release. Instead, we will communicate one quarter in advance the upcoming breaking change to allow customers to plan for the upgrade. We always recommend that all users run the latest available minor release for whatever major version is in use. We highly recommend upgrading to the latest SDK major release at the earliest convenient time and before the EOL date.
Version | Supported Environments | State | First Release | EOL/Terminated |
---|---|---|---|---|
3 | Node.js >= 14 | Supported | 01 Feb 2022 | TBD |
2 | EOL | 14 Dec 2018 | 01 Feb 2022 | |
1 | EOL | 01 Nov 2017 | 14 Dec 2018 |
npm install
.npm test
to ensure everything is working.src/
directory. Be sure to add corresponding tests
in the test/
directory!For more information, please see the Contribution guidelines.
Copyright 2018 Box, Inc. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
This software includes third party libraries, which are distributed under their own licenses' terms; see LICENSE-THIRD-PARTY.txt for details.
FAQs
Official command line interface for the Box API
The npm package @box/cli receives a total of 198 weekly downloads. As such, @box/cli popularity was classified as not popular.
We found that @box/cli demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.