Security News
Another Round of TEA Protocol Spam Floods npm, But It’s Not a Worm
Recent coverage mislabels the latest TEA protocol spam as a worm. Here’s what’s actually happening.
By Philipp Burckhardt - Nov 14, 2025
@zimbra/zimlet-cli
Advanced tools
@zimbra/zimlet-cli
Develop, Build, and Package Zimbra X compatible zimlets for development and production.
Zimlet CLI
A command-line build tool for next generation Zimlets, powered by Webpack.
Install
npm install -g @zimbra/zimlet-cli
Usage
zimlet
Run the zimlet command by itself to see all available options. ZimletCLI makes it easy to get help with the --help option available for all commands.
Documentation
An extensive getting started guide on how to create Zimlets and Java extensions can be found at:
Zimlet CLI command options can be found in:
:warning: Make sure to accept any self signed certificates generated by the
zimlet watchcommand.
:warning: The Zimlet is evaluated in a seperate window with a clean environment. This means common global values like
window.locationwill not be available. Instead, many global values are available in the Redux store.
Hacking on the CLI
Want to work on the CLI? It's easy:
# get into this directory:
cd zimlet-cli
# install the dependencies:
npm install
# now any time you change src/ in the CLI package,
# (re-)link your build of the CLI globally:
npm run build && npm link
Doing the above (and repeating the last step for any change to the CLI's source) will introduce a zimlet command globally.
Custom Configuration
Webpack
To customize webpack create a zimlet.config.js file in the root of your Zimlet which exports a function that will change webpack's config. To use a file other than zimlet.config.js, set a custom path as env.config.
/**
* Function that mutates original webpack config.
*
* @param {object} config - original webpack config.
* @param {object} env - options passed to CLI.
**/
export default function (config, env) {
/** you can change config here **/
}
FAQs
Develop, Build, and Package Zimbra X compatible zimlets for development and production.
The npm package @zimbra/zimlet-cli receives a total of 29 weekly downloads. As such, @zimbra/zimlet-cli popularity was classified as not popular.
We found that @zimbra/zimlet-cli demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 7 open source maintainers collaborating on the project.
Package last updated on 08 Oct 2025
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
PyPI Expands Trusted Publishing to GitLab Self-Managed as Adoption Passes 25 Percent
PyPI adds Trusted Publishing support for GitLab Self-Managed as adoption reaches 25% of uploads
By Sarah Gooding - Nov 14, 2025
Research
/Security News
Malicious Chrome Extension Exfiltrates Seed Phrases, Enabling Wallet Takeover
A malicious Chrome extension posing as an Ethereum wallet steals seed phrases by encoding them into Sui transactions, enabling full wallet takeover.
By Kirill Boychenko - Nov 12, 2025