Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@listenai/lisa
Advanced tools
lisa is a cli toooool
$ npm install -g @listenai/lisa
$ lisa COMMAND
running command...
$ lisa (-v|--version|version)
@listenai/lisa/1.1.0 darwin-x64 node-v12.3.1
$ lisa --help [COMMAND]
USAGE
$ lisa COMMAND
...
lisa build
lisa create NAME
lisa help [COMMAND]
lisa install [PKG]
lisa list
lisa pipeline [ID]
lisa search KEYWORD
lisa task
lisa uninstall [PKG]
lisa update
lisa view PKG [VERSIONS]
lisa build
固件开发项目编译打包
USAGE
$ lisa build
OPTIONS
-r, --release 打包release包
lisa create NAME
创建项目,例lisa create . -t @generate/base-lib
USAGE
$ lisa create NAME
ARGUMENTS
NAME 项目名称
OPTIONS
-t, --template=template (required) 生成器模板
lisa help [COMMAND]
display help for lisa
USAGE
$ lisa help [COMMAND]
ARGUMENTS
COMMAND command to show help for
OPTIONS
--all see all commands in CLI
See code: @oclif/plugin-help
lisa install [PKG]
安装依赖
USAGE
$ lisa install [PKG]
ARGUMENTS
PKG 资源包名,例:'nds-toolchain tool-cskburn',不填时默认安装csk项目中的依赖
OPTIONS
-g, --global 全局安装依赖
lisa list
列出项目已安装的Modules
USAGE
$ lisa list
lisa pipeline [ID]
USAGE
$ lisa pipeline [ID]
ARGUMENTS
ID pipleLine id
OPTIONS
-T, --table 表格展示所有可执行的pipeline
--json json展示所有可执行的pipeline
lisa search KEYWORD
根据关键字查找pkg
USAGE
$ lisa search KEYWORD
ARGUMENTS
KEYWORD 关键字,例:'tool'
OPTIONS
-l, --list
lisa task
USAGE
$ lisa task
OPTIONS
-T, --table 表格展示所有可执行的task
--json json展示所有可执行的task
lisa uninstall [PKG]
移除依赖
USAGE
$ lisa uninstall [PKG]
ARGUMENTS
PKG 资源包名,例:'@tool/nds-toolchain @tool/cskburn'
OPTIONS
-g, --global 全局安装依赖
lisa update
更新lisa到最新版本
USAGE
$ lisa update
lisa view PKG [VERSIONS]
查看pkg可选版本号
USAGE
$ lisa view PKG [VERSIONS]
OPTIONS
-l, --list
FAQs
Lisa 是 Lisa Framework 核心命令行工具,提供模版生成能力以及任务执行命令
The npm package @listenai/lisa receives a total of 5 weekly downloads. As such, @listenai/lisa popularity was classified as not popular.
We found that @listenai/lisa demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.