Security News
The Hidden Blast Radius of the Axios Compromise
The Axios compromise shows how time-dependent dependency resolution makes exposure harder to detect and contain.
By Ahmad Nassri - Apr 01, 2026
New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details → →
CDC QnA Maker CLI
QnA Maker enables you to go from FAQ to bot in minutes. With QnA Maker you can build, train and publish a simple question and answer bot based on FAQ URLs, structured documents or editorial content in minutes. This CLI will help you create, update and publish a COVID-19 FAQ built from the CDC web content. Once you have your knowledgebase ready, you can connect it to your Healthcare Bot instance instantly using the Language models.
Prerequisite
- Node.js version 10.0 or higher
- Azure QnA Cognitive Service
Installation
To install:
> npm i -g cdc-qna
To run:
> cdc-qna
Use as a library
npm install cdc-qna --save
In your node project:
import {Client} from "bin/cdc-qna";
const client = new Client();
client.subscriptionKey = "******************************";
client.blobURI = "******************************"; // best to use "https://hastoragedevops.blob.core.windows.net/public/cdc_covid19_qna.html"
const knowledgeBases = client.getKnowledgeBases().then((knowledgebases) => {
// here you will have your knowledgebases array
});
// To create a new knowledge base
client.kbName = "******************************";
client.create().then(() => { /* success code */ }).catch((err) => { /* failure code */ });
// To update existing knowledge base
client.kbid = "******************************";
client.update().then(() => { /* success code */ }).catch((err) => { /* failure code */ });
Nightly Update
The CDC QnA HTML resource is being updated constantly. Once you created your knowledgebase, it won't be updated with the latest information unless you manually update it. Use this CLI to run the update flow and you will get the latest updates injected directly into your knowledgebase.
Demo for creation of a new knowledge base
> cdc-qna
################################################################
# Welcome to the COVID-19 Q&A Maker knowledge base manager CLI #
################################################################
Subscription Key: *********************************
(1) Create a new knowledge base
(2) Update an existing knowledge base
> 1
Knownledge Base name [Healthcare Bot CDC COVID-19 QnA]:
Creating new knowledge base stated
Running...
Running...
Running...
Running...
Running...
Reading existing alterations for knowledge base started
QnA KB- required alterations already exists for this knowledge base
Publishing knowledge base started
Reading knowledge base details
Reading endpoint Keys
┌─────────┬─────────────────────────┬────────────────────────────────────────────────────────────────────────────────────────┐
│ (index) │ Name │ Value │
├─────────┼─────────────────────────┼────────────────────────────────────────────────────────────────────────────────────────┤
│ 0 │ 'Knowledge Base ID' │ '*********-****-****-****-************' │
│ 1 │ 'Knowledge Base Name' │ 'Healthcare Bot CDC COVID-19 QnA' │
│ 2 │ 'QnA Endpoint' │ 'https://************************************************/qnamaker' │
│ 3 │ 'Endpoint Key' │ '*************-****-****-************' │
│ 4 │ 'Knowledge Base Editor' │ 'https://www.qnamaker.ai/Edit/KnowledgeBase?kbId=************************************' │
└─────────┴─────────────────────────┴────────────────────────────────────────────────────────────────────────────────────────┘
Process completed, Thanks you
Demo for updating an existing knowledge base
> cdc-qna
################################################################
# Welcome to the COVID-19 Q&A Maker knowledge base manager CLI #
################################################################
Subscription Key: *********************************
(1) Create a new knowledge base
(2) Update an existing knowledge base
> 2
Fetching knowledgebase list
(1) [*********-****-****-****-************] Some QnA Model
(2) [*********-****-****-****-************] Healthcare Bot CDC COVID-19 QnA
> 2
Updating knowledge base started
Running...
Running...
Running...
Running...
Running...
Running...
Reading knowledge base details
Reading endpoint Keys
┌─────────┬─────────────────────────┬────────────────────────────────────────────────────────────────────────────────────────┐
│ (index) │ Name │ Value │
├─────────┼─────────────────────────┼────────────────────────────────────────────────────────────────────────────────────────┤
│ 0 │ 'Knowledge Base ID' │ '*********-****-****-****-************' │
│ 1 │ 'Knowledge Base Name' │ 'Healthcare Bot CDC COVID-19 QnA' │
│ 2 │ 'QnA Endpoint' │ 'https://************************************************/qnamaker' │
│ 3 │ 'Endpoint Key' │ '*************-****-****-************' │
│ 4 │ 'Knowledge Base Editor' │ 'https://www.qnamaker.ai/Edit/KnowledgeBase?kbId=************************************' │
└─────────┴─────────────────────────┴────────────────────────────────────────────────────────────────────────────────────────┘
Process completed, Thanks you
Contributing
This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit https://cla.opensource.microsoft.com.
When you submit a pull request, a CLA bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately (e.g., status check, comment). Simply follow the instructions provided by the bot. You will only need to do this once across all repos using our CLA.
This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.
FAQs
Command line tool to create and update CDC QnA Maker knowledgebase
The npm package cdc-qna receives a total of 5 weekly downloads. As such, cdc-qna popularity was classified as not popular.
We found that cdc-qna demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 16 Mar 2020
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Supply Chain Attack on Axios Pulls Malicious Dependency from npm
A supply chain attack on Axios introduced a malicious dependency, plain-crypto-js@4.2.1, published minutes earlier and absent from the project’s GitHub releases.
By Socket Research Team - Mar 31, 2026
Research
TeamPCP Compromises Telnyx Python SDK to Deliver Credential-Stealing Malware
Malicious versions of the Telnyx Python SDK on PyPI delivered credential-stealing malware via a multi-stage supply chain attack.
By Socket Research Team - Mar 27, 2026