Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
cli is a toolkit for rapidly building command line apps - it includes:
Install using npm install cli
or just bundle cli.js with your app.
#!/usr/bin/env node
require('cli').withStdinLines(function(lines, newline) {
this.output(lines.sort().join(newline));
});
Try it out
$ ./sort.js < input.txt
Let's add support for an -n
switch to use a numeric sort, and a -r
switch to reverse output - only 5 extra lines of code (!)
var cli = require('cli'), options = cli.parse();
cli.withStdinLines(function(lines, newline) {
lines.sort(!options.n ? null : function(a, b) {
return parseInt(a) > parseInt(b);
});
if (options.r) lines.reverse();
this.output(lines.join(newline));
});
cli takes an object as a map for the arguments you wish to parse.
Each property/key in the object is the long version of the argument i.e. --file
The array associated with it is the options to apply to that argument.
cli.parse({
file: [ 'f', 'A file to process', 'file', temp.log ], // -f, --file FILE A file to process
time: [ 't', 'An access time', 'time', false], // -t, --time TIME An access time
work: [ false, 'What kind of work to do', 'string', 'sleep' ] // --work STRING What kind of work to do
});
cli has methods that collect stdin (newline is auto-detected as \n or \r\n)
cli.withStdin(callback); //callback receives stdin as a string
cli.withStdinLines(callback); //callback receives stdin split into an array of lines (lines, newline)
cli also has a lower level method for working with input line by line (see ./examples/cat.js for an example).
cli.withInput(file, function (line, newline, eof) {
if (!eof) {
this.output(line + newline);
}
});
Note: file
can be omitted if you want to work with stdin
//cli.toType(object); If a Built-in type, returns the name of the type as a lower cased String
cli.toType([]); // 'array'
cli.toType(new Date()); // 'date'
cli.toType(1); // 'integer'
cli.toType(1.1); // 'float'
cli.toType(Math); // 'math'
cli.toType(/a/); // 'regex'
cli.toType(JSON); // 'json'
To output a progress bar, call
cli.progress(progress); //Where 0 <= progress <= 1
To spawn a child process, use
cli.exec(cmd, callback); //callback receives the output of the process (split into lines)
cli also comes bundled with kof's node-natives (access with cli.native) and creationix' stack (access with cli.createServer)
Plugins are a way of adding common opts and can be enabled using
cli.enable(plugin1, [plugin2, ...]); //To disable, use the equivalent disable() method
help - enabled by default
Adds -h,--help
to output auto-generated usage information
version
Adds -v,--version
to output version information for the app. cli will attempt to locate and parse a nearby package.json
To set your own app name and version, use cli.setApp(app_name, version)
status
Adds options to show/hide the stylized status messages that are output to the console when using one of these methods
cli.debug(msg); //Only shown when using --debug
cli.error(msg);
cli.fatal(msg); //Exits the process after outputting msg
cli.info(msg);
cli.ok(msg);
-k,--no-color
will omit ANSI color escapes from the output
glob - requires npm install glob
Enables glob matching of arguments
timeout
Adds -t,--timeout N
to exit the process after N seconds with an error
catchall
Adds -c,--catch
to catch and output uncaughtExceptions and resume execution
Note: Plugins are automatically disabled if an option or switch of the same name is already defined
(MIT license)
Copyright (c) 2010 Chris O'Hara cohara87@gmail.com
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
FAQs
A tool for rapidly building command line apps
The npm package cli receives a total of 701,911 weekly downloads. As such, cli popularity was classified as popular.
We found that cli demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.