Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
@oclif/core
Advanced tools
The @oclif/core npm package is a framework for building command-line interfaces (CLIs) in Node.js. It provides a powerful set of tools to develop sophisticated CLIs with features such as argument parsing, command structure, and plugin support. This package is part of the Open CLI Framework (OCLIF) developed by Heroku.
Command Creation
This feature allows developers to create custom commands for their CLI. The code sample demonstrates how to define a simple command that accepts a name as a flag and prints a greeting message.
const {Command, flags} = require('@oclif/core');
class MyCommand extends Command {
async run() {
const {flags} = await this.parse(MyCommand);
console.log(`Hello, ${flags.name}!`);
}
}
MyCommand.description = 'Describe the command here';
MyCommand.flags = {
name: flags.string({char: 'n', description: 'name to print'}),
};
module.exports = MyCommand;
Argument Parsing
This feature simplifies the process of parsing arguments passed to commands. The code sample shows how to create a command that echoes a message passed as an argument.
const {Command, flags} = require('@oclif/core');
class EchoCommand extends Command {
async run() {
const {args} = await this.parse(EchoCommand);
console.log(`Echoing: ${args.message}`);
}
}
EchoCommand.args = [{name: 'message'}];
module.exports = EchoCommand;
Plugin Support
OCLIF supports plugins to extend the functionality of your CLI. This code sample demonstrates how to define a simple plugin that includes a custom command.
const {Command, Plugin} = require('@oclif/core');
class MyPlugin extends Plugin {
constructor(root, config) {
super(root, config);
this.name = 'my-plugin';
}
commands = [require('./commands/my-command')];
}
module.exports = MyPlugin;
Commander is a lightweight, expressive, and powerful command-line framework for Node.js. It provides a simpler API compared to @oclif/core but lacks some of the advanced features such as plugin support and automatic help generation.
Yargs helps you build interactive command-line tools, by parsing arguments and generating an elegant user interface. It's more focused on parsing arguments and providing a fluent API, whereas @oclif/core offers a more structured approach to building CLIs with support for plugins and multi-command CLIs.
Vorpal is a framework for building immersive CLI applications in Node. It offers a similar command-based structure to @oclif/core but with a focus on interactive command-line interfaces. Vorpal is less actively maintained compared to @oclif/core.
base library for oclif CLIs
If you're migrating from the old oclif libraries (@oclif/config
, @oclif/command
, @oclif/error
, @oclif/parser
), see the migration guide.
The @oclif/core
module now also includes the cli-ux
module. Merging cli-ux
into @oclif/core
resolves a circular dependency between the two modules.
See the cli-ux README for instructions on how to replace the cli-ux
module with @oclif/core
.
The cli-ux README also contains detailed usage examples.
We strongly encourage you generate an oclif CLI using the oclif cli. The generator will generate an npm package with @oclif/core
as a dependency.
You can, however, use @oclif/core
in a standalone script like this:
#!/usr/bin/env ts-node
import * as fs from 'fs'
import {Command, Flags} from '@oclif/core'
class LS extends Command {
static description = 'List the files in a directory.'
static flags = {
version: Flags.version(),
help: Flags.help(),
dir: Flags.string({
char: 'd',
default: process.cwd(),
}),
}
async run() {
const {flags} = await this.parse(LS)
const files = fs.readdirSync(flags.dir)
for (const f of files) {
this.log(f)
}
}
}
LS.run().then(() => {
require('@oclif/core/flush')
}, () => {
require('@oclif/core/handle')
})
Then run it like this:
$ ts-node myscript.ts
...files in current dir...
FAQs
base library for oclif CLIs
The npm package @oclif/core receives a total of 1,531,240 weekly downloads. As such, @oclif/core popularity was classified as popular.
We found that @oclif/core demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.