Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
@emulsify/cli
Advanced tools
Command line interface for Emulsify.
This project is deployed to npm. In order to use this CLI, install it as a global dependency:
npm install -g @emulsify/cli
For more information on how to use emulsify-cli, please see the usage documentation.
Emulsify-cli is developed using TypeScript. You can find all of the source files in the src
directory, which is organized in the following manner:
src/index.ts
- uses Commander to compose the CLI.src/handlers
- contains all functions that handle CLI commands, such as emulsify init
.src/lib
- general definitions and logging tools.src/schemas
- contains JSON-Schema files that describe project, system, and variant configuration. These schema files are used to generate TypeScript types.src/scripts
- holds utility scripts for the project.src/types
- type modules live here, auto-generated ones are prefixed with an underscore (_
).src/util
- contains utility functions that are used in handlers to do various things, such as caching systems..nvmrc
file. If you are using nvm, simply run nvm use
.npm install
.npm run build
, or watch: npm run watch
.npm link
.npm run build
: builds the project based on the configuration in tsconfig.dist.json
.npm run build-schema-types
: Compiles the json-schema definitions within this project into ts types.npm run watch
: watches the codebase, and re-compiles every time a change is made.npm run format
: uses prettier to format all ts files within the codebase.npm run lint
: uses eslint to lint the codebase.npm run test
: runs Jest on the codebase. You can specify a path to a single test, and add any flags supported by Jest's CLI.npm run type
: uses typescript to check all type signatures.npm run twatch
: runs Jest without coverage, in verbose and watch mode. This is useful for running a single test during active development.This project is automatically built and deployed to NPM via a GitHub Actions workflow. In order to deploy changes merged into the develop
branch, simply merge develop
into main
, and call it a day.
FAQs
Command line interface for Emulsify
We found that @emulsify/cli demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.