Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@checkup/cli
Advanced tools
A CLI that provides health check information about your project.
Install checkup CLI globally:
Using yarn
:
$ yarn global add @checkup/cli
Using npm
:
$ npm install -g @checkup/cli
Using volta
:
$ volta install @checkup/cli
First use the config generator to create a config file in your project's directory:
$ checkup generate config
The checkup
CLI is now available to run. Use the run
command to run Checkup against your project directory:
$ checkup run .
Checkup is designed to be completely configurable via a configuration object.
You can also specify an explicit path to a configuration via the command line, which will override any configurations found in any .checkuprc.*
files
$ checkup --config /some/path/to/my/config/.checkuprc
The configuration object has the following properties:
Plugins are collections of Checkup tasks that are intended to be configured and run. Conceptually, they're very similar to eslint plugins, which themselves contain a collection of eslint rules to run.
Check out some existing plugins:
Plugins can be authored by anyone, and configured to run for any codebase. Checkup comes with a plugin generator, making it easy to generate the scaffolding needed.
To generate a plugin, run:
$ checkup generate plugin checkup-plugin-foo
To configure plugins, use the plugins key in your configuration file, which contains a list of plugin names.
{
"plugins": ["checkup-plugin-foo"]
}
Tasks are the core primitive that Checkup uses to gather data for the Checkup report.
To generate a task, run the following in the plugin directory you want to add the task to:
$ checkup generate task example-task
checkup run
)checkup run PATH
A CLI that provides health check information about your project
checkup run [paths..] [options]
Options:
--help Show help [boolean]
--version Show version number [boolean]
-e, --exclude-paths Paths to exclude from checkup. If paths are provided via
command line and via checkup config, command line paths
will be used. [array]
-c, --config-path Use the configuration found at this path, overriding
.checkuprc if present. [default: ".checkuprc"]
--config Use this configuration, overriding .checkuprc if present.
-d, --cwd The path referring to the root directory that Checkup will
run in [default: (default)]
--category Runs specific tasks specified by category. Can be used
multiple times. [array]
--group Runs specific tasks specified by group. Can be used
multiple times. [array]
-t, --task Runs specific tasks specified by the fully qualified task
name in the format pluginName/taskName. Can be used
multiple times. [array]
-f, --format Use a specific output format [default: "summary"]
-o, --output-file Specify file to write JSON output to. [default: ""]
-l, --list-tasks List all available tasks to run. [boolean]
-p, --plugin-base-dir The base directory where Checkup will load the plugins
from. Defaults to cwd.
See code: src/commands/run.ts
Checkup comes with a few generators to help generate Checkup plugins and tasks.
checkup generate plugin PLUGIN_NAME PATH
Generate a checkup plugin
.
checkup generate plugin <name> [options]
Generates a checkup plugin project
Positionals:
name Name of the plugin (eg. checkup-plugin-myplugin) [required] [default: ""]
Options:
--help Show help [boolean]
--version Show version number [boolean]
-d, --defaults Use defaults for every setting [boolean]
-p, --path The path referring to the directory that the generator will run
in [default: "."]
checkup generate task TASK_NAME PATH
Generate a task
within a Checkup plugin
.
checkup generate task <name> [options]
Generates a checkup task within a project
Positionals:
name Name of the task (foo-task) [required] [default: ""]
Options:
--help Show help [boolean]
--version Show version number [boolean]
-d, --defaults Use defaults for every setting [boolean]
-p, --path The path referring to the directory that the generator will run
in [default: "."]
checkup generate actions ACTION_NAME PATH
Generate a task actions within a Checkup plugin
.
checkup generate actions <name> [options]
Generates checkup actions within a project
Positionals:
name Name of the actions (foo-task-actions) [required] [default: ""]
Options:
--help Show help [boolean]
--version Show version number [boolean]
-d, --defaults Use defaults for every setting [boolean]
-p, --path The path referring to the directory that the generator will run
in [default: "."]
See code: src/commands/generate.ts
v3.0.1 (2023-06-27)
checkup-plugin-javascript
checkup-plugin-ember
FAQs
A health checkup for your project
The npm package @checkup/cli receives a total of 157 weekly downloads. As such, @checkup/cli popularity was classified as not popular.
We found that @checkup/cli demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.