Research
Two Malicious Rust Crates Impersonate Popular Logger to Steal Wallet Keys
Socket uncovers malicious Rust crates impersonating fast_log to steal Solana and Ethereum wallet keys from source code.
By Kirill Boychenko - Sep 24, 2025
@railway/cli
Advanced tools
Railway CLI
This is the command line interface for Railway. Use it to connect your code to Railway's infrastructure without needing to worry about environment variables or configuration.
The Railway command line interface (CLI) connects your code to your Railway project from the command line.
The Railway CLI allows you to
- Create new Railway projects from the terminal
- Link to an existing Railway project
- Pull down environment variables for your project locally to run
- Create services and databases right from the comfort of your fingertips
Installation
Cargo
cargo install railwayapp --locked
Homebrew
brew install railway
NPM
npm install -g @railway/cli
Bash
# Install
bash <(curl -fsSL cli.new)
# Uninstall
bash <(curl -fsSL cli.new) -r
Scoop
scoop install railway
Arch Linux AUR
Install using Paru
paru -S railwayapp-cli
Install using Yay
yay -S railwayapp-cli
Docker
Before using the CLI in a non-interactive environment, ensure you have created an access token (only project-tokens are supported as of now) and set it as the RAILWAY_TOKEN environment variable. CI environments are automatically detected by the presence of CI=true variable. In these environments, only build logs will be streamed, and the CLI will exit with an appropriate code indicating success or failure.
Install from the command line
docker pull ghcr.io/railwayapp/cli:latest
Use in GitHub Actions
deploy-job:
runs-on: ubuntu-latest
container: ghcr.io/railwayapp/cli:latest
env:
SVC_ID: my-service
RAILWAY_TOKEN: ${{ secrets.RAILWAY_TOKEN }}
steps:
- uses: actions/checkout@v3
- run: railway up --service=${{ env.SVC_ID }}
Use in GitLab CICD
deploy-job:
image: ghcr.io/railwayapp/cli:latest
variables:
SVC_ID: my-service
script:
- railway up --service=$SVC_ID
[!TIP] GitLab can access a protected (secret) variable directly, all you need to do is to add it in CI/CD settings.
From source
See CONTRIBUTING.md for information on setting up this repo locally.
Documentation
Feedback
We would love to hear your feedback or suggestions. The best way to reach us is on Discord.
We also welcome pull requests into this repo. See CONTRIBUTING.md for information on setting up this repo locally.
FAQs
Develop and deploy code with zero configuration
We found that @railway/cli demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Package last updated on 12 Sep 2025
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Malicious fezbox npm Package Steals Browser Passwords from Cookies via Innovative QR Code Steganographic Technique
A malicious package uses a QR code as steganography in an innovative technique.
By Olivia Brown - Sep 22, 2025
Research
/Security News
Identifying and Preventing Fraudulent Engineering Candidates: An Investigation into 80 Confirmed Cases
Socket identified 80 fake candidates targeting engineering roles, including suspected North Korean operators, exposing the new reality of hiring as a security function.
By Lauren Valencia, Kirill Boychenko - Sep 17, 2025