Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@heroku-cli/dev-cli
Advanced tools
This library has been replaced by oclif and is now in maintenance mode. We will only consider PRs that address security concerns.
helpers for oclif CLIs
$ npm install -g @heroku-cli/dev-cli
$ oclif-dev COMMAND
running command...
$ oclif-dev (-v|--version|version)
@heroku-cli/dev-cli/0.1.0 darwin-x64 node-v18.8.0
$ oclif-dev --help [COMMAND]
USAGE
$ oclif-dev COMMAND
...
oclif-dev help [COMMAND]
oclif-dev manifest [PATH]
oclif-dev pack
oclif-dev pack:deb
oclif-dev pack:macos
oclif-dev pack:win
oclif-dev publish
oclif-dev publish:deb
oclif-dev publish:macos
oclif-dev publish:win
oclif-dev readme
oclif-dev help [COMMAND]
display help for oclif-dev
USAGE
$ oclif-dev help [COMMAND]
ARGUMENTS
COMMAND command to show help for
OPTIONS
--all see all commands in CLI
See code: @oclif/plugin-help
oclif-dev manifest [PATH]
generates plugin manifest json
USAGE
$ oclif-dev manifest [PATH]
ARGUMENTS
PATH [default: .] path to plugin
See code: src/commands/manifest.ts
oclif-dev pack
packages oclif cli into tarballs
USAGE
$ oclif-dev pack
OPTIONS
-r, --root=root (required) [default: .] path to oclif CLI root
-t, --targets=targets comma-separated targets to pack (e.g.: linux-arm,win32-x64)
--[no-]xz also build xz
DESCRIPTION
This can be used to create oclif CLIs that use the system node or that come preloaded with a node binary.
See code: src/commands/pack/index.ts
oclif-dev pack:deb
pack CLI into debian package
USAGE
$ oclif-dev pack:deb
OPTIONS
-r, --root=root (required) [default: .] path to oclif CLI root
See code: src/commands/pack/deb.ts
oclif-dev pack:macos
pack CLI into MacOS .pkg
USAGE
$ oclif-dev pack:macos
OPTIONS
-r, --root=root (required) [default: .] path to oclif CLI root
See code: src/commands/pack/macos.ts
oclif-dev pack:win
create windows installer from oclif CLI
USAGE
$ oclif-dev pack:win
OPTIONS
-r, --root=root (required) [default: .] path to oclif CLI root
See code: src/commands/pack/win.ts
oclif-dev publish
publish an oclif CLI to S3
USAGE
$ oclif-dev publish
OPTIONS
-r, --root=root (required) [default: .] path to oclif CLI root
-t, --targets=targets comma-separated targets to pack (e.g.: linux-arm,win32-x64)
DESCRIPTION
"aws-sdk" will need to be installed as a devDependency to publish.
See code: src/commands/publish/index.ts
oclif-dev publish:deb
publish deb package built with pack:deb
USAGE
$ oclif-dev publish:deb
OPTIONS
-r, --root=root (required) [default: .] path to oclif CLI root
See code: src/commands/publish/deb.ts
oclif-dev publish:macos
publish macos installers built with pack:macos
USAGE
$ oclif-dev publish:macos
OPTIONS
-r, --root=root (required) [default: .] path to oclif CLI root
See code: src/commands/publish/macos.ts
oclif-dev publish:win
publish windows installers built with pack:win
USAGE
$ oclif-dev publish:win
OPTIONS
-r, --root=root (required) [default: .] path to oclif CLI root
See code: src/commands/publish/win.ts
oclif-dev readme
adds commands to README.md in current directory
USAGE
$ oclif-dev readme
OPTIONS
--dir=dir (required) [default: docs] output directory for multi docs
--multi create a different markdown page for each topic
DESCRIPTION
The readme must have any of the following tags inside of it for it to be replaced or else it will do nothing:
# Usage
<!-- usage -->
# Commands
<!-- commands -->
Customize the code URL prefix by setting oclif.repositoryPrefix in package.json.
See code: src/commands/readme.ts
FAQs
helpers for oclif CLIs
The npm package @heroku-cli/dev-cli receives a total of 15 weekly downloads. As such, @heroku-cli/dev-cli popularity was classified as not popular.
We found that @heroku-cli/dev-cli demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 23 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.