🚨 Shai-Hulud Strikes Again:834 Packages Compromised.Technical Analysis →
Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

await-github-file-change-cli

Package Overview
Dependencies
Maintainers
1
Versions
2
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

await-github-file-change-cli

CLI tool to monitor GitHub file changes by polling for etag changes

latest
Source
npmnpm
Version
1.0.1
Version published
Maintainers
1
Created
Source

await-github-file-change-cli

A CLI tool that monitors a GitHub file for changes by polling its etag value. The tool will continuously check the file every second until it detects a change, then exit.

Usage

You can run this tool directly using npx without installing it:

npx await-github-file-change-cli https://github.com/owner/repo/blob/branch/path/to/file

Example

npx await-github-file-change-cli https://github.com/gr2m/sandbox/blob/main/test-file

Authentication

For higher rate limits and access to private repositories, set the GITHUB_TOKEN environment variable:

GITHUB_TOKEN=your_token_here npx await-github-file-change-cli https://github.com/owner/repo/blob/branch/path/to/file

How it works

  • Parses the GitHub URL to extract owner, repository, and file path
  • Fetches the initial etag value using a HEAD request
  • Polls the file every second with HEAD requests
  • When the etag changes, logs the new etag and exits

Installation

If you want to install it globally:

npm install -g await-github-file-change-cli

Then use it directly:

await-github-file-change https://github.com/owner/repo/blob/branch/path/to/file

Development

Install dependencies

npm install

Run tests

npm test

License

ISC

Keywords

github
cli
file
monitor
etag
octokit

FAQs

Package last updated on 15 Oct 2025

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Malicious Crate Mimicking ‘Finch’ Exfiltrates Credentials via a Hidden Dependency

Security News

/

Research

Malicious Crate Mimicking ‘Finch’ Exfiltrates Credentials via a Hidden Dependency

Socket found a Rust typosquat (finch-rust) that loads sha-rust to steal credentials, using impersonation and an unpinned dependency to auto-deliver updates.

By Kush Pandya  -  Dec 05, 2025