![Malicious npm Package Typosquats react-login-page to Deploy Keylogger](https://cdn.sanity.io/images/cgdhsj6q/production/007b21d9cf9e03ae0bb3f577d1bd59b9d715645a-1024x1024.webp?w=400&fit=max&auto=format)
Research
Security News
Malicious npm Package Typosquats react-login-page to Deploy Keylogger
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
base-questions
Advanced tools
Readme
Plugin for base-methods that adds methods for prompting the user and storing the answers on a project-by-project basis.
Install with npm
$ npm i base-questions --save
Try running the actual examples if it helps to see the following example in action.
var questions = require('base-questions');
var assemble = require('assemble-core');
var store = require('base-store');
var argv = require('base-argv');
var app = assemble();
app.use(store());
app.use(argv());
var argv = app.argv(process.argv.slice(2));
app.use(questions(app, argv.options));
app.task('ask', function (cb) {
app.ask(function (err, answers) {
if (err) return cb(err);
console.log(answers);
cb();
});
});
app.task('a', function (cb) {
console.log('task > a!');
cb();
});
app.task('b', function (cb) {
console.log('task > b!');
cb();
});
app.task('c', function (cb) {
console.log('task > c!');
cb();
});
app.task('choices', function (cb) {
app.choices('run', ['a', 'b', 'c'], function (err, answers) {
if (err) return cb(err);
if (!answers.run.length) return cb();
app.build(answers.run, cb);
});
});
app.build('choices', function(err) {
if (err) return console.log(err);
console.log('done!');
});
Create a "choices" question from an array.
Params
queue
{String|Array}: Name or array of question names.options
{Object|Function}: Question options or callback functioncallback
{Function}: callback functionExample
app.choices('foo', ['a', 'b', 'c']);
// or
app.choices('foo', {
message: 'Favorite letter?',
choices: ['a', 'b', 'c']
});
// then
app.ask('foo', function(err, answer) {
console.log(answer);
});
Add a question to be asked at a later point.
Params
value
{Object|String}: Question object, message (string), or options object.locale
{String}: Optionally pass the locale to use, otherwise the default locale is used.returns
{Object}: Returns the app.questions
object, for chainingExample
app.question('beverage', 'What is your favorite beverage?');
// or
app.question('beverage', {
type: 'input',
message: 'What is your favorite beverage?'
});
// or
app.question({
name: 'beverage'
type: 'input',
message: 'What is your favorite beverage?'
});
Ask one or more questions, with the given options
and callback.
Params
queue
{String|Array}: Name or array of question names.options
{Object|Function}: Question options or callback functioncallback
{Function}: callback functionExample
// ask all questions
app.ask(function(err, answers) {
console.log(answers);
});
// ask the specified questions
app.ask(['name', 'description'], function(err, answers) {
console.log(answers);
});
Install dev dependencies:
$ npm i -d && npm test
Pull requests and stars are always welcome. For bugs and feature requests, please create an issue.
Jon Schlinkert
Copyright © 2015 Jon Schlinkert Released under the MIT license.
This file was generated by verb on December 13, 2015.
FAQs
Unknown package
The npm package base-questions receives a total of 33,710 weekly downloads. As such, base-questions popularity was classified as popular.
We found that base-questions demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
Security News
The JavaScript community has launched the e18e initiative to improve ecosystem performance by cleaning up dependency trees, speeding up critical parts of the ecosystem, and documenting lighter alternatives to established tools.
Product
Socket now supports four distinct alert actions instead of the previous two, and alert triaging allows users to override the actions taken for all individual alerts.