
Research
Malicious npm Packages Impersonate Flashbots SDKs, Targeting Ethereum Wallet Credentials
Four npm packages disguised as cryptographic tools steal developer credentials and send them to attacker-controlled Telegram infrastructure.
@heroku-cli/command
Advanced tools
Base class for Heroku CLI commands. Built off of oclif.
This package provides the core functionality for Heroku CLI commands, including a comprehensive set of completion handlers for various Heroku resources. It serves as the foundation for building Heroku CLI commands with built-in support for command-line completion.
The package includes completion handlers for various Heroku resources:
The package includes a built-in APIClient
for making authenticated requests to the Heroku Platform API:
Example usage:
const heroku = new APIClient(config)
const {body: resources} = await heroku.get('/apps')
This package is primarily used as a dependency in other Heroku CLI plugins and commands. It provides the base functionality needed to implement Heroku CLI commands with proper completion support.
Built with TypeScript and uses the oclif framework for CLI command development.
FAQs
base class for Heroku CLI commands
The npm package @heroku-cli/command receives a total of 37,610 weekly downloads. As such, @heroku-cli/command popularity was classified as popular.
We found that @heroku-cli/command demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 56 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Four npm packages disguised as cryptographic tools steal developer credentials and send them to attacker-controlled Telegram infrastructure.
Security News
Ruby maintainers from Bundler and rbenv teams are building rv to bring Python uv's speed and unified tooling approach to Ruby development.
Security News
Following last week’s supply chain attack, Nx published findings on the GitHub Actions exploit and moved npm publishing to Trusted Publishers.