Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@custody/plugin-command-restart-server
Advanced tools
Custody plugin to add a command to restart a Node server (vs. the entire build process)
Out of the box, custody lets you restart an entire process managed by Supervisor by pressing 'r' when viewing process details:
However, if you're using Supervisor for local development of microservices, the processes launched by Supervisor are probably not the servers themselves but rather build processes, which in turn launch the servers. The process tree might look something like this:
supervisord
- gulp (using gulp-nodemon)
- node
Restarting the "supervised" process is in this case needlessly expensive. You might only want to
restart the server (perhaps after updating Node modules) and end up waiting for gulp
to rebuild a
large amount of client-side JS.
Luckily, your build process probably watches server files and restarts the server if they change. This custody plugin can trigger those watchers on command.
npm install -g @custody/plugin-command-restart-server
Then launch custody-cli settings
and add "@custody/plugin-command-restart-server" to your
.custodyrc
. Finally, restart custody-cli
to get it to pick up the new plugin.
After opening a process' details in custody
press 't' to restart the server. If you wish to assign a different key, for instance "s", edit
the "@custody/plugin-command-restart-server" line in your .custodyrc
to look like the following:
{
"plugins": [
["@custody/plugin-command-start-debugger", {
"key": "s"
}]
]
}
This plugin assumes that your main server file is called app.js
, and that your build process
will restart the server if that file changes. So, when you invoke the command, this plugin
executes touch app.js
. (This does not add or remove any content from your file, just updates
the last-modified timestamp, which is sufficient to trigger file watchers like gulp-nodemon).
We welcome bug reports and feature suggestions!
FAQs
Custody plugin to add a command to restart a Node server (vs. the entire build process)
The npm package @custody/plugin-command-restart-server receives a total of 4 weekly downloads. As such, @custody/plugin-command-restart-server popularity was classified as not popular.
We found that @custody/plugin-command-restart-server demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.