Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
@clerk/dev-cli
Advanced tools
CLI tool designed to simplify the process of iterating on packages within the clerk/javascript repository
clerk-dev
CLIThe clerk-dev
CLI is a tool designed to simplify the process of iterating on packages within the clerk/javascript
repository within sample applications, such as customer reproductions. It allows for the installation of the monorepo versions of packages, and supports features such as hot module reloading for increased development velocity.
npm install --global @clerk/dev-cli
If you haven't already, install turbo
globally.
npm install --global turbo
After installing @clerk/dev
globally, you'll need to initialise a configuration file and tell the CLI where to find your local copy of the clerk/javascript
repository.
Initialise the configuration file which will be located at ~/.config/clerk/dev.json
:
```shell
clerk-dev init
```
Navigate to your local clone of clerk/javascript
and run set-root
:
```shell
clerk-dev set-root
```
You're all set now to run the day-to-day commands 🎉
During the first time setup a ~/.config/clerk/dev.json
file was created. Its object contains a activeInstance
and instances
key. You can add additional instances by adding a new key to the instances
object.
You can use the set-instance
command to switch between activeInstance
afterwards:
clerk-dev set-instance yourName
In each project you'd like to use with the monorepo versions of Clerk packages, clerk-dev
can perform one-time framework setup such as installing the monorepo versions of packages and configuring the framework to use your Clerk keys.
To perform framework setup, run:
clerk-dev setup
If you aren't working on @clerk/clerk-js
, and do not want to customize the clerkJSUrl
, pass --no-js
.
clerk-dev setup --no-js
If you want to skip the installation of monorepo versions of packages, pass --skip-install
.
clerk-dev setup --skip-install
Once your project has been configured to use the monorepo versions of your dependencies, you can start the watchers for each dependency by running:
clerk-dev watch
This will run the build
task for any @clerk/*
packages in the package.json
of the current working directory, including any of their dependencies.
If you do not want to start the watcher for @clerk/clerk-js
, you can instead pass --no-js
.
clerk-dev watch --no-js
FAQs
CLI tool designed to simplify the process of iterating on packages within the clerk/javascript repository
We found that @clerk/dev-cli demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.