Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
UI5 Command Line Interface
Part of the UI5 Build and Development Tooling
npm install --global @ui5/cli
# Verify installation
ui5 --help
Usage: ui5 <command> [options]
Commands:
build Build project in current directory
serve Start a webserver for the current project
tree Outputs the dependency tree of the current project to stdout. It takes all relevant parameters of ui5 build into account.
init Initializes the UI5 Build and Development Tooling configuration for an application or library project
Options:
--help, -h Show help [boolean]
--version, -v Show version number [boolean]
--config Path to config file [string]
--translator, --t8r Translator to use. Including optional colon separated translator parameters. [string] [default: "npm"]
--verbose Enable verbose logging. [boolean]
--loglevel Set the logging level (error|warn|info|verbose|silly). [string] [default: "info"]
Examples:
ui5 <command> --translator static:/path/to/projectDependencies.yaml Execute command using a "static" translator with translator parameters
ui5 <command> --config /path/to/ui5.yaml Execute command using a project configuration from custom path
The CLI automatically checks for updates using update-notifier. While this is skipped in CI environments, you might also opt-out manually by following the steps described here.
ui5 build [options]
builds the project in the current directory.
Commands:
dev Dev build: Skips non-essential and time-intensive tasks during build
preload (default) Build project and create preload bundles
self-contained Build project and create self-contained bundle
Options:
--help, -h Show help [boolean]
--version, -v Show version number [boolean]
--config Path to config file [string]
--translator, --t8r Translator to use. Including optional colon separated translator parameters. [string] [default: "npm"]
--verbose Enable verbose logging. [boolean]
--loglevel Set the logging level (error|warn|info|verbose|silly). [string] [default: "info"]
--all, -a Include all project dependencies into build process
--dest Path of build destination [string] [default: "./dist"]
--dev Dev mode: skips non-essential and time-intensive tasks during build [boolean]
--dev-exclude-project A list of specific projects to be excluded from dev mode (dev mode must be active for this to be effective) [array]
--include-task A list of specific tasks to be included to the default/dev set [array]
--exclude-task A list of specific tasks to be excluded from default/dev set [array]
Examples:
ui5 build --all Preload build for project and dependencies to "./dist"
ui5 build --all --exclude-task=* --include-task=createDebugFiles generateAppPreload Build project and dependencies but only apply the createDebugFiles- and generateAppPreload tasks
ui5 build --all --include-task=createDebugFiles --exclude-task=generateAppPreload Build project and dependencies by applying all default tasks including the createDebugFiles task and excluding the generateAppPreload task
ui5 build dev --all --dev-exclude-project=sap.ui.core sap.m Build project and dependencies in dev mode, except "sap.ui.core" and "sap.m" (useful in combination with --include-task)
ui5 build dev Build project and dependencies in dev mode. Only a set of essential tasks is executed.
ui5 serve [options]
starts a web server for the current project.
Options:
--help, -h Show help [boolean]
--version, -v Show version number [boolean]
--config Path to config file [string]
--translator, --t8r Translator to use. Including optional colon separated translator parameters. [string] [default: "npm"]
--verbose Enable verbose logging. [boolean]
--loglevel Set the logging level (error|warn|info|verbose|silly). [string] [default: "info"]
--port, -p Port to bind on (default for HTTP: 8080, HTTP/2: 8443) [number]
--open, -o Open web server root directory in default browser. Optionally, supplied relative path will be appended to the root URL [string]
--h2 Shortcut for enabling the HTTP/2 protocol for the web server [boolean] [default: false]
--accept-remote-connections Accept remote connections. By default the server only accepts connections from localhost [boolean] [default: false]
--key Path to the private key [string] [default: "$HOME/.ui5/server/server.key"]
--cert Path to the certificate [string] [default: "$HOME/.ui5/server/server.crt"]
Examples:
ui5 serve Start a web server for the current project
ui5 serve --h2 Enable the HTTP/2 protocol for the web server (requires SSL certificate)
ui5 serve --config /path/to/ui5.yaml Use the project configuration from a custom path
ui5 serve --translator static:/path/to/projectDependencies.yaml Use a "static" translator with translator parameters.
ui5 serve --port 1337 --open tests/QUnit.html Listen to port 1337 and launch default browser with http://localhost:1337/test/QUnit.html
ui5 tree [options]
outputs the dependency tree of the current project to stdout. It takes all relevant parameters of ui5 build
into account.
Options:
--help, -h Show help [boolean]
--version, -v Show version number [boolean]
--config Path to config file [string]
--translator, --t8r Translator to use. Including optional colon separated translator parameters. [string] [default: "npm"]
--verbose Enable verbose logging. [boolean]
--loglevel Set the logging level (error|warn|info|verbose|silly). [string] [default: "info"]
--full Include more information (currently the project configuration) [boolean]
--json Output tree as formatted JSON string [boolean]
Examples:
ui5 tree > tree.txt Pipes the dependency tree into a new file "tree.txt"
ui5 tree --json > tree.json Pipes the dependency tree into a new file "tree.json"
ui5 init [options]
initializes the UI5 Build and Development Tooling configuration for an application or library project.
Options:
--help, -h Show help [boolean]
--version, -v Show version number [boolean]
--config Path to config file [string]
--translator, --t8r Translator to use. Including optional colon separated translator parameters. [string] [default: "npm"]
--verbose Enable verbose logging. [boolean]
--loglevel Set the logging level (error|warn|info|verbose|silly). [string] [default: "info"]
ui5 versions [options]
shows the versions of all UI5 Build and Development Tooling packages.
Options:
--help, -h Show help [boolean]
--version, -v Show version number [boolean]
--config Path to config file [string]
--translator, --t8r Translator to use. Including optional colon separated translator parameters. [string] [default: "npm"]
--verbose Enable verbose logging. [boolean]
--loglevel Set the logging level (error|warn|info|verbose|silly). [string] [default: "info"]
In general, we recommend a global installation of the UI5 CLI (npm install --global @ui5/cli
).
However, it makes sense to add the UI5 CLI as a devDependency (npm install --save-dev @ui5/cli
) for a project that is using ui5
commands in its build or test scripts or otherwise depends on the UI5 CLI for development workflows (like continuous integration).
In case you have both, a local installation in one of your projects as well as a global installation, the UI5 CLI will always try to invoke the local installation. This is in part because npm scripts defined in your package.json
will also always invoke the local installation.
This behavior can be disabled by setting the environment variable UI5_CLI_NO_LOCAL
.
Example
You have a project located at /my-application
. The project has a devDependency to @ui5/cli
and defines the start script "ui5 serve"
.
Current Working Directory | Command | Uses globally installed UI5 CLI | Uses locally installed UI5 CLI |
---|---|---|---|
/ | ui5 --version | ✔️ | |
/my-application | ui5 --version | ✔️ | |
/my-application | ui5 serve | ✔️ | |
/my-application | npm start | ✔️ | |
/my-application | UI5_CLI_NO_LOCAL=X ui5 serve | ✔️ | |
/my-application | UI5_CLI_NO_LOCAL=X npm start | ✔️ |
Please check our Contribution Guidelines.
Please follow our Contribution Guidelines on how to report an issue.
See CHANGELOG.md.
This project is licensed under the Apache Software License, Version 2.0 except as noted otherwise in the LICENSE file.
FAQs
UI5 Tooling - CLI
The npm package @ui5/cli receives a total of 76,836 weekly downloads. As such, @ui5/cli popularity was classified as popular.
We found that @ui5/cli demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.