@socketsecurity/cli
Advanced tools
CLI tool for Socket.dev
npm install -g @socketsecurity/cli
socket --help
socket info webtorrent@1.9.1
socket report create package.json --view
socket report view QXU8PmK7LfH608RAwfIKdbcHgwEd_ZeWJ9QEGv05FJUQ
socket info <package@version> - looks up issues for a packagesocket report create <path(s)-to-folder-or-file> - uploads the specified package.json and/or package-lock.json to create a report on socket.dev. If only one of a package.json/package-lock.json has been specified, the other will be automatically found and uploaded if it existssocket report view <report-id> - looks up issues and scores from a report--view - when set on socket report create the command will immediately do a socket report view style view of the created report, waiting for the server to complete it--json - outputs result as json which you can then pipe into jq and other tools--markdown - outputs result as markdown which you can then copy into an issue, PR or even chat--dry-run - like all CLI tools that perform an action should have, we have a dry run flag. Eg. socket report create supports running the command without actually uploading anything--debug - outputs additional debug output. Great for debugging, geeks and us who develop. Hopefully you will never need it, but it can still be fun, right?--help - prints the help for the current command. All CLI tools should have this flag--version - prints the version of the tool. All CLI tools should have this flagSOCKET_SECURITY_API_KEY - if set, this will be used as the API-keySOCKET_SECURITY_API_BASE_URL - if set, this will be the base for all API-calls. Defaults to https://api.socket.dev/v0/SOCKET_SECURITY_API_PROXY - if set to something like http://127.0.0.1:9090, then all request will be proxied through that proxy@socketsecurity/sdk - the SDK used in this CLIFAQs
CLI tool for Socket.dev
The npm package @socketsecurity/cli receives a total of 526 weekly downloads. As such, @socketsecurity/cli popularity was classified as not popular.
We found that @socketsecurity/cli demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
Socket researchers uncover how threat actors weaponize Out-of-Band Application Security Testing (OAST) techniques across the npm, PyPI, and RubyGems ecosystems to exfiltrate sensitive data.
Security News
Research
A malicious npm campaign is targeting Ethereum developers by impersonating Hardhat plugins and the Nomic Foundation, stealing sensitive data like private keys.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.