Research
Security News
Kill Switch Hidden in npm Packages Typosquatting Chalk and Chokidar
Socket researchers found several malicious npm packages typosquatting Chalk and Chokidar, targeting Node.js developers with kill switches and data theft.
@sap-devx/inquirer-gui
Advanced tools
inquirer-gui
is a UI component that displays Inquirer.js-compliant questions in an interactive HTML form.
There are several use-cases for the consuming inquirer-gui
component:
We provide examples for some of the above use-cases.
First, clone this directory:
git clone https://github.com/SAP/inquirer-gui
Use the provided sample-app
:
npm install
cd sample-app
npm install
npm run serve
This will run the web server on localhost
on an available port. Open the provided link in the browser.
Use the provided sample-app
and websocket-server
:
npm install
cd websocket-server
npm install
If using Visual Studio Code, run the WebSocket Server
debug configuration. This will start the sample WebSocket server that listens for requests on port 8081
.
cd sample-app
npm install
npm run serve
This will run the web server on localhost
on an available port. Open the provided link in the browser.
If writing a Vue application, simply add the following line to your <template>
tag:
<Form ref="form" :questions="questions" @answered="onAnswered" />
The questions
property is an inquirer.js-compliant array of questions. E.g.:
[
{
type: "input",
name: "name",
message: "Your name (frontend)",
default: "Joe",
validate: function (input) {
if (input.length >= 2) {
return true;
} else {
return "Name must be at least 2 characters long";
}
}
}
]
The answered
event is fired when any answer is changed:
answers
, contains all answers.issues
, can be used to, for example, enable or disable a Next
button.inquirer-gui
provides built-in form elements for all built-in inquirer.js
question types:
list
, rawlist
expand
checkbox
confirm
input
(number, password and input)editor
inquirer-gui
supports custom form elements via its plugin
mechanism.
A form element plugin is a javascript
object with this structure:
{
questionType: '<inquirer-question-type>';
component: <MyVueComponent>;
}
Where questionType
is the string provided in the question's type
property, and component
is a Vue
component that renders questions of the given type.
There is example of a custom form element in the /sample-plugin
folder. It is defined as a Vue plugin
and was published as @sap-devx/inquirer-gui-date-plugin
on npm
.
Consume a custom form element as a Vue plugin
using the Vue.use()
method. The plugin is returned in the method's options
parameter. For example, refer to /sample-app/src/App.vue
:
import DatePlugin from "@sap-devx/inquirer-gui-date-plugin";
const options = {};
// use the Vue plugin
Vue.use(DatePlugin, options);
// register the inquirer-gui plugin with your form instance
form.registerPlugin(options.plugin);
To get more help, support and information please open a github issue.
Contributing information can be found in the CONTRIBUTING.md file.
Copyright (c) 2020 SAP SE or an SAP affiliate company. All rights reserved. This file is licensed under the Apache Software License, v. 2 except as noted otherwise in the LICENSE file.
FAQs
Inquirer Graphical User Interface
The npm package @sap-devx/inquirer-gui receives a total of 60 weekly downloads. As such, @sap-devx/inquirer-gui popularity was classified as not popular.
We found that @sap-devx/inquirer-gui demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers found several malicious npm packages typosquatting Chalk and Chokidar, targeting Node.js developers with kill switches and data theft.
Security News
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.
Product
Socket now supports uv.lock files to ensure consistent, secure dependency resolution for Python projects and enhance supply chain security.