Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Pipeable OADA client CLI
This largely grew from my playground for experimenting with newish (or new to me at least) Node and TypeScript stuff. As such it requires Node 15, and has no actual tests yet. The code could use a major refactor, but it useful and working for me at least. I mostly put it here for my own safe-keeping. It is not particularly fast or efficient.
It has help output that is rather terse for now.
It supports various JSON-y input formats:
It can get inputs from local files, paths in OADA APIs, or generic URLs to JSON. Also it can take Concatenated JSON piped through standard input.
It will currently die a horrible death if you try to use it with any other non-JSON data.
It outputs JSONL (or pretty-printed Concatenated JSON in TTY mode).
This makes piping with traditional line-based CLI tools easy.
Also it is very useful with tools like jq
.
There is support for configuring it for multiple OADA APIs and moving files between them.
It supports "shell expansion" of a sort via minimatch
(i.e., you can use paths like /bookmarks/trellis/*/test{s,y}/
and they will be expanded).
$ npm install -g clioada
$ oada COMMAND
running command...
$ oada (-v|--version|version)
clioada/1.1.0 linux-x64 node-v15.7.0
$ oada --help [COMMAND]
USAGE
$ oada COMMAND
...
oada autocomplete [SHELL]
oada config:show
oada delete PATHS...
oada fs:copy PATHS... PATH
oada fs:link PATHS... PATH
oada fs:list PATHS...
oada fs:move PATHS... PATH
oada fs:remove PATHS...
oada fs:touch PATHS...
oada get PATHS...
oada head PATHS...
oada help [COMMAND]
oada plugins
oada plugins:install PLUGIN...
oada plugins:link PLUGIN
oada plugins:uninstall PLUGIN...
oada plugins:update
oada post PATHS... PATH
oada put PATHS... PATH
oada watch PATH
oada autocomplete [SHELL]
display autocomplete installation instructions
USAGE
$ oada autocomplete [SHELL]
ARGUMENTS
SHELL shell type
OPTIONS
-r, --refresh-cache Refresh cache (ignores displaying instructions)
EXAMPLES
$ oada autocomplete
$ oada autocomplete bash
$ oada autocomplete zsh
$ oada autocomplete --refresh-cache
See code: @oclif/plugin-autocomplete
oada config:show
Show the current config settings
USAGE
$ oada config:show
OPTIONS
-d, --domain=domain [default: localhost] default OADA API domain
-t, --token=token default OADA API token
--[no-]tty format output for TTY
--[no-]ws use WebSockets for OADA API
ALIASES
$ oada config
See code: src/commands/config/show.ts
oada delete PATHS...
perform an OADA DELETE
USAGE
$ oada delete PATHS...
ARGUMENTS
PATHS... OADA path(s) to GET
OPTIONS
-R, --recursive
-d, --domain=domain [default: localhost] default OADA API domain
-t, --token=token default OADA API token
--[no-]tty format output for TTY
--[no-]ws use WebSockets for OADA API
ALIASES
$ oada d
$ oada rm
$ oada DELETE
EXAMPLES
$ oada delete /bookmarks/foo
$ oada rm /bookmarks/foo /bookmarks/bar /bookmarks/baz*
See code: src/commands/delete.ts
oada fs:copy PATHS... PATH
perform an "OADA copy"
USAGE
$ oada fs:copy PATHS... PATH
ARGUMENTS
PATHS... path(s) to copy
PATH OADA path to which to copy
OPTIONS
-d, --domain=domain [default: localhost] default OADA API domain
-t, --token=token default OADA API token
--[no-]tty format output for TTY
--[no-]ws use WebSockets for OADA API
ALIASES
$ oada cp
EXAMPLES
$ oada cp /resources/foo /bookmarks/foo
$ oada cp /resources/foo1 /resources/foo2 /bookmarks/foos/
See code: src/commands/fs/copy.ts
oada fs:link PATHS... PATH
perform an "OADA link"
USAGE
$ oada fs:link PATHS... PATH
ARGUMENTS
PATHS... path(s) to link
PATH OADA path in which to link
OPTIONS
-d, --domain=domain [default: localhost] default OADA API domain
-f, --force delete conflicting existing data/links
-r, --versioned make versioned link(s)
-t, --token=token default OADA API token
--[no-]tty format output for TTY
--[no-]ws use WebSockets for OADA API
ALIASES
$ oada ln
EXAMPLES
$ oada ln /resources/my-thingy /bookmarks/thingy
$ oada ln /resources/thingy1 /resources/thingy2 /bookmarks/thingies/
See code: src/commands/fs/link.ts
oada fs:list PATHS...
perform an "OADA ls"
USAGE
$ oada fs:list PATHS...
ARGUMENTS
PATHS... path(s) to list
OPTIONS
-d, --domain=domain [default: localhost] default OADA API domain
-t, --token=token default OADA API token
--[no-]tty format output for TTY
--[no-]ws use WebSockets for OADA API
ALIASES
$ oada ls
$ oada l
See code: src/commands/fs/list.ts
oada fs:move PATHS... PATH
perform an "OADA move"
USAGE
$ oada fs:move PATHS... PATH
ARGUMENTS
PATHS... path(s) to move
PATH OADA path to which to move
OPTIONS
-d, --domain=domain [default: localhost] default OADA API domain
-t, --token=token default OADA API token
--[no-]tty format output for TTY
--[no-]ws use WebSockets for OADA API
ALIASES
$ oada mv
EXAMPLES
$ oada mv /resources/foo /bookmarks/foo
$ oada mv /resources/foo1 /resources/foo2 /bookmarks/foos/
See code: src/commands/fs/move.ts
oada fs:remove PATHS...
perform an OADA DELETE
USAGE
$ oada fs:remove PATHS...
ARGUMENTS
PATHS... OADA path(s) to GET
OPTIONS
-R, --recursive
-d, --domain=domain [default: localhost] default OADA API domain
-t, --token=token default OADA API token
--[no-]tty format output for TTY
--[no-]ws use WebSockets for OADA API
ALIASES
$ oada d
$ oada rm
$ oada DELETE
EXAMPLES
$ oada delete /bookmarks/foo
$ oada rm /bookmarks/foo /bookmarks/bar /bookmarks/baz*
See code: src/commands/fs/remove.ts
oada fs:touch PATHS...
perform and "OADA touch"
USAGE
$ oada fs:touch PATHS...
ARGUMENTS
PATHS... paths to touch
OPTIONS
-d, --domain=domain [default: localhost] default OADA API domain
-t, --token=token default OADA API token
--[no-]tty format output for TTY
--[no-]ws use WebSockets for OADA API
ALIASES
$ oada touch
EXAMPLE
$ oada touch /bookmarks
See code: src/commands/fs/touch.ts
oada get PATHS...
perform an OADA GET (read)
USAGE
$ oada get PATHS...
ARGUMENTS
PATHS... OADA path(s) to GET
OPTIONS
-R, --recursive
-T, --tree=tree file containing an OADA tree to use for a tree GET
-d, --domain=domain [default: localhost] default OADA API domain
-m, --meta
-o, --out=out [default: -]
-t, --token=token default OADA API token
--[no-]tty format output for TTY
--[no-]ws use WebSockets for OADA API
ALIASES
$ oada g
$ oada GET
EXAMPLES
$ oada get /bookmarks
{
"_id": "resources/default:resources_bookmarks_321",
"_rev": 45,
"_type": "application/vnd.oada.bookmarks.1+json",
"_meta": {
"_id": "resources/default:resources_bookmarks_321/_meta",
"_rev": 45
},
"foo": "bar",
"baz": 700
}
$ oada get /bookmarks/*
"bar"
700
See code: src/commands/get.ts
oada head PATHS...
perform an OADA HEAD
USAGE
$ oada head PATHS...
ARGUMENTS
PATHS... OADA path(s) to HEAD
OPTIONS
-d, --domain=domain [default: localhost] default OADA API domain
-t, --token=token default OADA API token
--[no-]tty format output for TTY
--[no-]ws use WebSockets for OADA API
ALIASES
$ oada h
$ oada HEAD
EXAMPLES
$ oada head /bookmarks/does-exist; echo $?
0
$ oada head /bookmarks/does-not-exist; echo $?
1
See code: src/commands/head.ts
oada help [COMMAND]
display help for oada
USAGE
$ oada help [COMMAND]
ARGUMENTS
COMMAND command to show help for
OPTIONS
--all see all commands in CLI
See code: @oclif/plugin-help
oada plugins
list installed plugins
USAGE
$ oada plugins
OPTIONS
--core show core plugins
EXAMPLE
$ oada plugins
See code: @oclif/plugin-plugins
oada plugins:install PLUGIN...
installs a plugin into the CLI
USAGE
$ oada plugins:install PLUGIN...
ARGUMENTS
PLUGIN plugin to install
OPTIONS
-f, --force yarn install with force flag
-h, --help show CLI help
-v, --verbose
DESCRIPTION
Can be installed from npm or a git url.
Installation of a user-installed plugin will override a core plugin.
e.g. If you have a core plugin that has a 'hello' command, installing a user-installed plugin with a 'hello' command
will override the core plugin implementation. This is useful if a user needs to update core plugin functionality in
the CLI without the need to patch and update the whole CLI.
ALIASES
$ oada plugins:add
EXAMPLES
$ oada plugins:install myplugin
$ oada plugins:install https://github.com/someuser/someplugin
$ oada plugins:install someuser/someplugin
See code: @oclif/plugin-plugins
oada plugins:link PLUGIN
links a plugin into the CLI for development
USAGE
$ oada plugins:link PLUGIN
ARGUMENTS
PATH [default: .] path to plugin
OPTIONS
-h, --help show CLI help
-v, --verbose
DESCRIPTION
Installation of a linked plugin will override a user-installed or core plugin.
e.g. If you have a user-installed or core plugin that has a 'hello' command, installing a linked plugin with a 'hello'
command will override the user-installed or core plugin implementation. This is useful for development work.
EXAMPLE
$ oada plugins:link myplugin
See code: @oclif/plugin-plugins
oada plugins:uninstall PLUGIN...
removes a plugin from the CLI
USAGE
$ oada plugins:uninstall PLUGIN...
ARGUMENTS
PLUGIN plugin to uninstall
OPTIONS
-h, --help show CLI help
-v, --verbose
ALIASES
$ oada plugins:unlink
$ oada plugins:remove
See code: @oclif/plugin-plugins
oada plugins:update
update installed plugins
USAGE
$ oada plugins:update
OPTIONS
-h, --help show CLI help
-v, --verbose
See code: @oclif/plugin-plugins
oada post PATHS... PATH
Perform an OADA POST
USAGE
$ oada post PATHS... PATH
ARGUMENTS
PATHS... paths to POST
PATH destination OADA path
OPTIONS
-T, --tree=tree file containing an OADA tree to use for a tree POST
-d, --domain=domain [default: localhost] default OADA API domain
-t, --token=token default OADA API token
--[no-]tty format output for TTY
--[no-]ws use WebSockets for OADA API
ALIASES
$ oada po
$ oada POST
EXAMPLE
$ oada post - /bookmarks/ <<< '{"a": 1}{"b": true}'
See code: src/commands/post.ts
oada put PATHS... PATH
Perform an OADA PUT
USAGE
$ oada put PATHS... PATH
ARGUMENTS
PATHS... paths to PUT
PATH destination OADA path
OPTIONS
-T, --tree=tree file containing an OADA tree to use for a tree PUT
-d, --domain=domain [default: localhost] default OADA API domain
-t, --token=token default OADA API token
--[no-]tty format output for TTY
--[no-]ws use WebSockets for OADA API
ALIASES
$ oada pu
$ oada PUT
EXAMPLE
$ oada put - /bookmarks/ <<< '{"a": 1}'
See code: src/commands/put.ts
oada watch PATH
perform and OADA WATCH
USAGE
$ oada watch PATH
ARGUMENTS
PATH OADA path to WATCH
OPTIONS
-d, --domain=domain [default: localhost] default OADA API domain
-o, --out=out [default: -]
-r, --rev=rev rev from which to start (negative means latest - n)
-t, --token=token default OADA API token
-t, --type=(sinlge|tree) [default: tree]
--[no-]tty format output for TTY
--[no-]ws use WebSockets for OADA API
ALIASES
$ oada w
$ oada WATCH
EXAMPLE
$ oada watch /bookmarks
[
{
"resource_id": "resources/dd2d0c95-89ab-400d-863c-e2f62e9570a5",
"path": "",
"body": {
"services": {
"_rev": 213
},
"_meta": {
"modifiedBy": "system/rev_graph_update",
"modified": 1610676324.424,
"_rev": 8799
},
"_rev": 8799
},
"type": "merge"
},
{
"resource_id": "resources/1e6mHvcV9ZUczdzLDIdz9T8s2eV",
"path": "/services",
"body": {
"ainz": {
"_rev": 169
},
"_meta": {
"modifiedBy": "system/rev_graph_update",
"modified": 1610676324.29,
"_rev": 213
},
"_rev": 213
},
"type": "merge"
},
{
"resource_id": "resources/7f0d1bcf-c0f9-44a1-a506-18c2fb3e73ed",
"path": "/services/ainz",
"body": {
"rules": {
"_rev": 151
},
"_meta": {
"modifiedBy": "system/rev_graph_update",
"modified": 1610676324.12,
"_rev": 169
},
"_rev": 169
},
"type": "merge"
},
{
"resource_id": "resources/f6e90c0f-7900-446e-989d-5d32d5dcb741",
"path": "/services/ainz/rules",
"body": {
"_meta": {
"modifiedBy": "users/5989462",
"modified": 1610676323.964,
"_rev": 151
},
"_rev": 151
},
"type": "merge"
}
]
See code: src/commands/watch.ts
FAQs
CLI OADA
The npm package clioada receives a total of 11 weekly downloads. As such, clioada popularity was classified as not popular.
We found that clioada demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.