Security News
The Unpaid Backbone of Open Source: Solo Maintainers Face Increasing Security Demands
Solo open source maintainers face burnout and security challenges, with 60% unpaid and 60% considering quitting.
By Sarah Gooding - Sep 20, 2024
@bring-it/cli
Advanced tools
Package version was removed
This package version has been unpublished, mostly likely due to security reasons
@bring-it/cli
SFTP deployment tool for frontend.
@bring-it/cli follows the principle of Convention over configuration, provide ssh like but lite version Command-Line Interface.
For a little bit safer, it will always upload files in order by: OTHER, SVG, STYLE, SCRIPT, HTML, XML/JSON/YAML .
Installation
npm install @bring-it/cli --global
Usage
bring-it <server>
Usage: bring-it <server>
Positionals:
server URI as user@hostname[:port][/path]
or Host config name in '.ssh/config'
Options:
-c, --cwd default: .bring-it
-k, --key example: .ssh/id_rsa [required]
Configuration
When not match URI, bring-it will treat it as a Host name in .ssh/config.
bring-it support .ssh/config like config with keys: Hostname, Port, User, and a custom key: Path
bring-it dev
# example: .ssh/config
# other Host will inherit from *
Host *
User root
# = root@192.168.1.200/mnt
Host dev
Hostname 192.168.1.200
Path /mnt
# = deploy@example.org:2222
Host docs
Hostname example.org
Port 2222
User deploy
Tips
Not like the HTTP URL, in the SFTP URI, Port is 22 by default.
Path will point to / by default, so don't forget set ChrootDirectory in /etc/ssh/sshd_config to a safe path on server.
Atomic write is not support when ssh/sftp/scp transfer, make your bundle support long-term caching, it will be safer when uploading.
FAQ
Why unauthorized transfer is not supported?
To make sure unexpected file transferring won't happen.
Why password is not supported?
Not safe, and typing special characters to the terminal might not easy.
TroubleShoot
cpu-features , optionalDependencie of ssh2 might trigger error logging when install. just ignore it.
FAQs
Common command line interface of 'bring-it'
The npm package @bring-it/cli receives a total of 198 weekly downloads. As such, @bring-it/cli popularity was classified as not popular.
We found that @bring-it/cli demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Package last updated on 04 Aug 2021
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Understanding License Exceptions: What Developers Need to Know
License exceptions modify the terms of open source licenses, impacting how software can be used, modified, and distributed. Developers should be aware of the legal implications of these exceptions.
By Sarah Gooding - Sep 20, 2024
Security News
Developer Accuses Tencent of Copyright Violation After Python Utility’s License Changed from GPLv3 to BSD
A developer is accusing Tencent of violating the GPL by modifying a Python utility and changing its license to BSD, highlighting the importance of copyleft compliance.
By Sarah Gooding - Sep 18, 2024