
Research
Two Malicious Rust Crates Impersonate Popular Logger to Steal Wallet Keys
Socket uncovers malicious Rust crates impersonating fast_log to steal Solana and Ethereum wallet keys from source code.
@windmill-labs/hub-cli
Advanced tools
You can run it directly with bunx @windmill-labs/hub-cli
or install it globally with npm install -g @windmill-labs/hub-cli
in which case you can run it with wmill-hub
.
Create a .env
file in the root of the project with the following content:
# url of your private hub
HUB_URL=https://hub.my.url
# to get a token, create a token for a superadmin user on your **Windmill instance**.
TOKEN=your_token
To sync from a private hub, run the following command:
wmill-hub pull
This will pull all the scripts from the private hub and save them in the hub
folder.
After editing your scripts, run the following command to push the changes to the private hub:
wmill-hub push
To create a new script locally, run the following command:
wmill-hub create --summary "My script summary" --language bun --kind action --app my_integration
or simply:
wmill-hub create -s "My script summary" -a my_integration
Language and kind are optional, they default to bun
and action
respectively.
You can then edit the script in the hub
folder. Once you are done, you can push it to the private hub using the wmill-hub push
command.
To sync from the official hub, run the following command:
wmill-hub wm-pull
You can then run wmill-hub push
to push the scripts to your private hub.
If you don't want all of them, delete the integrations you don't want before the first push.
If you want to modify them, do it directly on the hub, not in the hub
folder.
To get the latest version of the official hub, run wmill-hub wm-pull
again. It will not overwrite the imported scripts you modified on the hub.
FAQs
Windmill hub CLI
The npm package @windmill-labs/hub-cli receives a total of 0 weekly downloads. As such, @windmill-labs/hub-cli popularity was classified as not popular.
We found that @windmill-labs/hub-cli demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Socket uncovers malicious Rust crates impersonating fast_log to steal Solana and Ethereum wallet keys from source code.
Research
A malicious package uses a QR code as steganography in an innovative technique.
Research
/Security News
Socket identified 80 fake candidates targeting engineering roles, including suspected North Korean operators, exposing the new reality of hiring as a security function.