Security News
Supply Chain Attack Detected in Solana's web3.js Library
A supply chain attack has been detected in versions 1.95.6 and 1.95.7 of the popular @solana/web3.js library.
Command line under control, a library to ease usage of command lines.
with child_process
var Cluc = require('cluc');
new Cluc()
.exec('ls -alh' , function(err,stdout,stderr){
this.confirm(/vagrant/, 'Username should display on unix.');
this.warn(/root/, 'Some files does not belong vagrant users.').or(function(err){
return new Error(err);
});
})
.stream('ls -alh' , function(err,stdout,stderr){
this.confirm(/vagrant/, 'Username should display on unix.');
this.warn(/root/, 'Some files does not belong vagrant users.');
}).stream('sudo apt-get remove apache2 -y', function(){
this.progress(/Reading (:<title>[\w\s]+)[ .]*(:<current>\d+)%/);
this.mustnot(/0 to remove/, 'no package to remove found');
this.confirm(/([1-9]+) to remove/, ' found %s package to remove');
this.success(/(Removing [^ ]+\s+[.]+)/i, 'Package removed !');
this.warn(/(Unable to locate package )/i, 'Package not found');
}).stream('sudo apt-get install apache2 -y', function(){
this.mustnot(/You should explicitly select one to install/, "too many results");
this.mustnot(/has no installation candidate/, "can not install httpd");
this.watch(/Need to get ([0-9- ,-]+ [a-z]+) of archives/i);
this.watch(/After this operation, ([0-9- ,-]+ [a-z]+) of additional disk space will be used/i);
this.spin(/((Reading|Building).+)/i);
this.spin(/^\s*([0-9]+%)/i);
this.warn(/(is already the newest version)/i, 'Already installed');
this.warn(/(0 newly installed)/i, 'Package not installed');
this.confirm(/([^ /]+)\.deb/i);
this.success(/(1 newly installed)/i, 'Package installed !');
//this.redo(2);
//this.display();
}).download('/home/vagrant/test', __dirname+'/fixtures/test.bashrc', function(err){
if(err) log.error(err);
}).record(require('fs').createWriteStream('some/output.log'))
.run( new Cluc.transports.process(), function(){
console.log('done');
});
with ssh
var Cluc = require('cluc');
new Cluc()
.exec('ls -alh' , function(err,stdout,stderr){
this.confirm(/vagrant/, 'Username should display on unix.');
this.warn(/root/, 'Some files does not belong vagrant users.');
this.display();
})
.stream('ls -alh' , function(err,stdout,stderr){
this.confirm(/vagrant/, 'Username should display on unix.');
this.warn(/root/, 'Some files does not belong vagrant users.');
})
.run( new Cluc.transports.ssh(server), function(){
console.log('done');
});
Cluc
Cluc.transports
Cluc.output
Cluc.rules
Cluc.rules.must
Cluc.rules.success
Cluc.rules.mustnot
Cluc.rules.confirm
Cluc.rules.warn
Cluc.rules.watch
Cluc.rules.answer
Cluc.rules.display
ClucChildProcess
ClucContext
ClucContext.init
ClucContext.pushRule
ClucContext.must
ClucContext.success
ClucContext.confirm
ClucContext.mustnot
ClucContext.warn
ClucContext.watch
ClucContext.answer
ClucContext.display
ClucContext.redo
ClucSsh
ClucSSHContext
ClucSSHContext.init
ClucSSHContext.pushRule
ClucSSHContext.is
ClucSSHContext.must
ClucSSHContext.success
ClucSSHContext.confirm
ClucSSHContext.mustnot
ClucSSHContext.warn
ClucSSHContext.watch
ClucSSHContext.answer
ClucSSHContext.display
ClucSSHContext.redo
ClucRule
ClucMust
ClucSuccess
ClucMustNot
ClucConfirm
ClucWarn
ClucWatch
ClucAnswer
ClucDisplay
In development. It needs some tests. It misses putFile and readDir implementations. Documentation update.
FAQs
command line under control
The npm package cluc receives a total of 1 weekly downloads. As such, cluc popularity was classified as not popular.
We found that cluc demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
A supply chain attack has been detected in versions 1.95.6 and 1.95.7 of the popular @solana/web3.js library.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.