Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@ronin/cli
Advanced tools
This package exposes the ronin
command, which you can run from your terminal to interact with RONIN.
You don't need to install this package explicitly, as it is already included in the RONIN client.
However, we would be excited to welcome your feature suggestions or bug fixes for the RONIN CLI. Read on to learn more about how to suggest changes.
To start contributing code, first make sure you have Bun installed, which is a JavaScript runtime.
Next, clone the repo and install its dependencies:
bun install
Once that's done, link the package to make it available to all of your local projects:
bun link
Inside your project, you can then run the following command, which is similar to bun add @ronin/cli
or npm install @ronin/cli
, except that it doesn't install @ronin/cli
from npm, but instead uses your local clone of the package:
bun link @ronin/cli
If your project is not yet compatible with Bun, feel free to replace all of the occurrences of the word bun
in the commands above with npm
instead.
You will just need to make sure that, once you create a pull request on the current repo, it will not contain a package-lock.json
file, which is usually generated by npm. Instead, we're using the bun.lockb
file for this purpose (locking sub dependencies to a certain version).
In order to be compatible with a wide range of projects, the source code of the cli
repo needs to be compiled (transpiled) whenever you make changes to it. To automate this, you can keep this command running in your terminal:
bun run dev
Whenever you make a change to the source code, it will then automatically be transpiled again.
The RONIN CLI has 100% test coverage, which means that every single line of code is tested automatically, to ensure that any change to the source code doesn't cause a regression.
Before you create a pull request on the cli
repo, it is therefore advised to run those tests in order to ensure everything works as expected:
# Run all tests
bun test
# Alternatively, run a single test
bun test -t 'your test name'
FAQs
The command-line interface for RONIN.
The npm package @ronin/cli receives a total of 729 weekly downloads. As such, @ronin/cli popularity was classified as not popular.
We found that @ronin/cli demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.