Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@dreipol/dreihouse-cli
Advanced tools
Dreihouse is a tool to run automated lighthouse audits for a webproject. Dreihouse has the advantage to be more configurable than lighthouse.
npm i dreihouse-cli -g
audit <url> <dir>
This command, launches a headless chrome instance and will run a small set of audits on the given url whenever a file in the given folder changes.
setup <dir>
The setup command will setup the default configuration files in the folder specified in the command. After setup you have to edit the config to your flavours.
report <URL> [--config-file ./config/desktop.js] --reporter [REPORTER]
dreihouse report https://example.ch -f ./config/desktop.js -r cli
To create a report you have to call this command followed by the config file that holds the configuration
for dreihouse
. Alternately you can run an audit with a default config by leaving your the config file option.
dreihouse report https://example.ch -r cli
list of available reporters
cli
Print lighthouse results in CLIjson
Store the whole LH report as JSONjson-dashboard
save just lighthouse-dashboard
specific datahtml
save the LH report for further inspectionsname | optional | default | example | description |
---|---|---|---|---|
-r, --reporter | false | cli,html,json,json-dashboard | Add list of repprters to handle the data. Available | |
-f, --config-file | true | ./config/base.js | ./config/lh.desktop.js | Define the config file |
-p, --port | true | 9222 | Debugging port of a running chrome instance | |
-v, --verbose | true | false | -v = Error; -vv = Info; -vvvv = Debug | Verbose console output |
-s, --silent | true | false | Suppress spinner on CLI |
#Config
See @dreipol/lighthouse-runner for detailed config
FAQs
CLI Interface for @dreipol/lighthouse-runner module
The npm package @dreipol/dreihouse-cli receives a total of 8 weekly downloads. As such, @dreipol/dreihouse-cli popularity was classified as not popular.
We found that @dreipol/dreihouse-cli demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.