@sapphirecode/dcm
Version: 1.2.0
Open docker-compose management cli
Installation: npm i -g @sapphirecode/dcm
Each service has its own folder under services/. All necessary docker-compose files and configs should be stored there. Docker-compose files have to be named docker-compose.yml and be at the top level of each individual service folder.
In dependencies.json all dependencies of a service can be defined. The start and stop order of services is determined by the dependencies.
The file passive.json can be used to deactivate services. Those will not be started automatically, but they can be started manually by running docker-compose up -d in the service's folder or by including the flag --include-passive when using the cli.
Networks can be defined in networks.json. Available options are internal to set docker's network internal flag and subnet to define a specific subnet for a network. With interface_name you can specify the interface name for the network.
Volume settings are placed in volumes.json. By default all volumes in this file are added to the backup filter. To prevent them from getting backed up, set the option backup to false. Additionally, single folders can be excluded from the backup using the backup_exclude option. Instead of backing up the whole volume, you can use backup_include to include only specific folders.
Global Options:
--delay=<seconds>: Delay before executing the command
pull
This command simply pulls all images and exits.
up
This command starts all services in the correct order and creates the necessary networks and volumes if they don't already exist. Available options are: --pull to pull images before starting the services and --include-passive to include passive services.
down
Stops all services including the passive ones.
restart
Restarts all services. This has the same effect as running down and up separately.
create_filter
Creates a filter file for rsync to create a backup of all configured volumes.
FAQs
Managing docker compose configurations, volumes and networks
The npm package @sapphirecode/dcm receives a total of 3 weekly downloads. As such, @sapphirecode/dcm popularity was classified as not popular.
We found that @sapphirecode/dcm demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.