Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
By Socket Research Team - Dec 02, 2024
Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
alfred-link
Advanced tools
alfred-link 
Make your Alfred workflows installable from npm
Install
$ npm install --save alfred-link
Supporting Versions
- Alfred 3
- Alfred 4
This package will only affect the latest one if you have multiple versions in your system.
Usage
Add the alfred-link command as postinstall script of your Alfred package and add alfred-unlink as preuninstall script to clean up the resources when the workflow gets uninstalled.
{
"name": "alfred-unicorn",
"scripts": {
"postinstall": "alfred-link",
"preuninstall": "alfred-unlink"
}
}
You can now install the alfred-unicorn package like this
$ npm install -g alfred-unicorn
This will update info.plist with the information from package.json and creates a unicorn symlink inside the Alfred workflows directory that points to the location of the alfred-unicorn module.
info.plist
This package will update the info.plist file when the workflow is being installed. The following properties in info.plist can be safely omitted. The corresponding values in package.json are added to the plist file.
| info.plist | package.json |
|---|---|
| version | version |
| description | description |
| webaddress | homepage |
| createdby | author.name |
Development
When developing an Alfred workflow, you can call alfred-link directly from your cli. Use npx to call the local installation of alfred-link and alfred-unlink.
$ npx alfred-link
This will create a symlink in the Alfred workflows directory pointing to your development location without transforming info.plist.
To remove the symlink afterwards, you can call alfred-unlink.
$ npx alfred-unlink
Related
- alfy - Create Alfred workflows with ease
License
MIT © Sam Verschueren
FAQs
Make your Alfred workflows installable from npm
We found that alfred-link demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Package last updated on 29 Aug 2019
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Research
Typosquatting Cryptographic Libraries: Malicious npm Packages Threaten Crypto Developers with Keylogging and Wallet Theft
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
By Kirill Boychenko - Nov 27, 2024
Security News
Weekly Downloads Now Available in npm Package Search Results
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
By Sarah Gooding - Nov 26, 2024