@bring-it/cli
SFTP deployment tool for frontend.
@bring-it/cli follows the principle of Convention over configuration and provides an SSH-like but lightweight command-line interface.
To be a little safer, it always uploads files in this order: OTHER, SVG, STYLE, SCRIPT, HTML, XML/JSON/YAML.
npm install @bring-it/cli --global
bring-it <server>
Usage: bring-it <server>
Positionals:
server URI as user@hostname[:port][/path]
or Host config name in '.ssh/config'
Options:
-c, --cwd default: .bring-it
-k, --key example: .ssh/id_rsa [required]
When the argument does not match the URI form, bring-it treats it as a Host name in .ssh/config.
bring-it supports a .ssh/config-like config with the keys Hostname, Port and User, plus a custom key: Path.
bring-it dev
# example: .ssh/config
# other Host will inherit from *
Host *
User root
# = root@192.168.1.200/mnt
Host dev
Hostname 192.168.1.200
Path /mnt
# = deploy@example.org:2222
Host docs
Hostname example.org
Port 2222
User deploy
Unlike an HTTP URL, in the SFTP URI Port is 22 by default.
Path points to / by default, so don't forget to set ChrootDirectory in /etc/ssh/sshd_config to a safe path on the server.
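The resolution rules described above (URI form first, otherwise a Host lookup that inherits from Host *, with Port 22 and Path / as defaults), as an added JavaScript example that is not taken from @bring-it/cli's source. The function names, the needsChroot flag and the requirement that User and Hostname be present are assumptions made for illustration.

```javascript
// Added example: hypothetical re-implementation, not @bring-it/cli source.
const URI_RE = /^([^@\s]+)@([^:/\s]+)(?::(\d+))?(\/.*)?$/; // user@hostname[:port][/path]

// Parse a .ssh/config-like text into { hostName: { key: value } }.
function parseConfig(text) {
  const hosts = {};
  let current = null;
  for (const raw of text.split('\n')) {
    const line = raw.trim();
    if (!line || line.startsWith('#')) continue;
    const [key, ...rest] = line.split(/\s+/);
    const value = rest.join(' ');
    if (key.toLowerCase() === 'host') current = hosts[value] = hosts[value] || {};
    else if (current) current[key.toLowerCase()] = value;
  }
  return hosts;
}

// Resolve the <server> argument to a concrete SFTP target.
function resolveTarget(server, configText = '') {
  let found;
  const m = URI_RE.exec(server);
  if (m) {
    found = { user: m[1], hostname: m[2], port: m[3], path: m[4] };
  } else {
    const hosts = parseConfig(configText);
    if (!hosts[server]) throw new Error(`unknown Host: ${server}`);
    found = { ...hosts['*'], ...hosts[server] }; // inherit from "Host *", own keys win
  }
  // Assumption: a target without User or Hostname is rejected.
  if (!found.user || !found.hostname) throw new Error('User and Hostname are required');
  const port = Number(found.port ?? 22); // SFTP default is 22
  const path = found.path ?? '/';        // default is the server root
  // Uploading to "/" is only contained if sshd sets ChrootDirectory for the account.
  return { user: found.user, hostname: found.hostname, port, path, needsChroot: path === '/' };
}

// Constructed sample with the same shape as the .ssh/config example above.
const SAMPLE = `
Host *
  User root
Host dev
  Hostname 192.168.1.200
  Path /mnt
Host docs
  Hostname example.org
  Port 2222
  User deploy
`;
```

A deployment wrapper can call resolveTarget before connecting and refuse to upload when needsChroot is true and the account is not known to be confined.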
Atomic writes are not supported over ssh/sftp/scp transfers; make your bundle support long-term caching, and uploading will be safer.
To make sure unexpected file transfers won't happen.
Not safe, and typing special characters into the terminal might not be easy.
cpu-features, an optionalDependency of ssh2, might trigger error logging during install. Just ignore it.
FAQs
Common command line interface of 'bring-it'
The npm package @bring-it/cli receives a total of 0 weekly downloads. As such, @bring-it/cli popularity was classified as not popular.
We found that @bring-it/cli demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.