Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
alokai-cli-storefront
Advanced tools
This is a starter project for creating a new CLI command using the Alokai CLI framework.
To get started, you can clone this repository and then install the dependencies.
git clone
cd alokai-cli-starter
pnpm install
To create a new command, you can create a new file inside the src/commands
directory. The file should export a constant that is an instance of the Command
.
import { Command } from "commander";
export const command = new Command()
.name("Alokai CLI New Command Template")
.description("Alokai CLI New Command Template is a template for creating new commands for the Alokai CLI")
.version("0.0.1", "-v, --version", "display the version number")
.action(() => {
console.log("Hello, world!");
})
To build the project, you can run the following command:
pnpm build
To run the project, you can run the following command:
pnpm start
In development mode, you can run the following command:
pnpm start:dev
To test the project, you need to link it with the vue-storefront/packages/alokai-cli
package. For this, I'm using yalc - a local NPM registry for your Yarn and pnpm projects.
First, you need to install yalc
globally:
pnpm add -g yalc
Then, you need to publish the package to the local registry:
pnpm build
yalc publish # this will publish alokai-[your-package-name] to the local registry
After that, you can link the package to the vue-storefront/packages/alokai-cli
package:
cd vue-storefront/packages/alokai-cli
yalc add alokai-[your-package-name]
Finally, you can run the command:
# in the vue-storefront/packages/alokai-cli directory
./dist/index.js [your-command-name]
FAQs
Alokai CLI for Alokai Storefront
We found that alokai-cli-storefront demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.