@every-env/spiral-cli
Advanced tools
@every-env/spiral-cli - npm Package Compare versions
| #!/usr/bin/env node | ||
| import { execFileSync } from "node:child_process"; | ||
| import { fileURLToPath } from "node:url"; | ||
| import { dirname, join } from "node:path"; | ||
| const __dirname = dirname(fileURLToPath(import.meta.url)); | ||
| const cli = join(__dirname, "..", "src", "cli.ts"); | ||
| // Try bun first (handles .ts natively), fall back to error message | ||
| try { | ||
| execFileSync("bun", ["run", cli, ...process.argv.slice(2)], { | ||
| stdio: "inherit", | ||
| env: process.env, | ||
| }); | ||
| } catch (err) { | ||
| if (err.status !== undefined) { | ||
| // Command ran but exited non-zero — propagate exit code | ||
| process.exit(err.status); | ||
| } | ||
| // bun not found | ||
| console.error( | ||
| "Spiral CLI requires Bun to run. Install it with: curl -fsSL https://bun.sh/install | bash", | ||
| ); | ||
| process.exit(1); | ||
| } |
+3
-2
| { | ||
| "name": "@every-env/spiral-cli", | ||
| "version": "1.0.0", | ||
| "version": "1.0.1", | ||
| "description": "CLI for Spiral API - create content from your terminal", | ||
@@ -9,5 +9,6 @@ "author": "Kieran Klaassen", | ||
| "bin": { | ||
| "spiral": "./src/cli.ts" | ||
| "spiral": "./bin/spiral.mjs" | ||
| }, | ||
| "files": [ | ||
| "bin", | ||
| "src", | ||
@@ -14,0 +15,0 @@ "README.md" |
+1
-1
@@ -18,3 +18,3 @@ #!/usr/bin/env bun | ||
| const VERSION = "1.0.0"; | ||
| const VERSION = "1.0.1"; | ||
@@ -21,0 +21,0 @@ const HELP = ` |
New alerts
Network access
Supply chain riskThis module accesses the network.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 3 instances in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
URL strings
Supply chain riskPackage contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
Found 1 instance in 1 package
Fixed alerts
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
Network access
Supply chain riskThis module accesses the network.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 2 instances in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
URL strings
Supply chain riskPackage contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
33989
2.35%- Number of package files
11
10%- Lines of code
855
2.76%- Number of medium supply chain risk alerts
1
-66.67%Worsened metrics
- Number of low supply chain risk alerts
6
20%