Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
The 'commist' npm package is a command-line argument parser that helps in managing and dispatching commands in a CLI application. It allows you to define commands and their respective handlers, making it easier to build complex command-line tools.
Command Registration
This feature allows you to register a command and its handler. In this example, the 'hello' command is registered, and when invoked, it prints 'Hello, world!' to the console.
const commist = require('commist')();
commist.register('hello', () => {
console.log('Hello, world!');
});
commist.parse(process.argv.slice(2));
Subcommand Handling
This feature allows you to handle subcommands within a command. In this example, the 'greet' command can handle 'morning' and 'evening' subcommands, printing different messages accordingly.
const commist = require('commist')();
commist.register('greet', (args) => {
if (args[0] === 'morning') {
console.log('Good morning!');
} else if (args[0] === 'evening') {
console.log('Good evening!');
} else {
console.log('Hello!');
}
});
commist.parse(process.argv.slice(2));
Default Command
This feature allows you to define a default command that will be executed if no other command matches. In this example, a default command is registered to print a message.
const commist = require('commist')();
commist.register('default', () => {
console.log('This is the default command.');
});
commist.parse(process.argv.slice(2));
Commander is a popular command-line interface (CLI) library for Node.js. It provides a comprehensive solution for parsing command-line arguments and managing commands. Compared to commist, Commander offers more features such as automatic help generation, option parsing, and command aliasing.
Yargs is another powerful CLI library for Node.js that helps in building interactive command-line tools. It provides features like argument parsing, command handling, and generating help documentation. Yargs is more feature-rich compared to commist and is widely used for complex CLI applications.
Minimist is a lightweight library for parsing command-line arguments. It is simpler and more minimalistic compared to commist, focusing primarily on argument parsing without the additional command management features that commist provides.
Build command line application with multiple commands the easy way. To be used with minimist.
'use strict'
const program = require('commist')()
const result = program
.register('abcd', function(args) {
console.log('just do', args)
})
.register({ command: 'restore', equals: true }, function(args) {
console.log('restore', args)
})
.register('args', function(args) {
args = minimist(args)
console.log('just do', args)
})
.register('abcde code', function(args) {
console.log('doing something', args)
})
.register('another command', function(args) {
console.log('anothering', args)
})
.parse(process.argv.splice(2))
if (result) {
console.log('no command called, args', result)
}
To handle async
operations, use parseAsync
instead,
which let you await on registered commands execution.
'use strict'
const program = require('commist')()
const result = await program
.register('abcd', async function(args) {
await executeCommand(args)
await doOtherStuff()
})
.parseAsync(process.argv.splice(2))
if (result) {
console.log('no command called, args', result)
}
When calling commist programs, you can abbreviate down to three char words. In the above example, these are valid commands:
node example.js abc
node example.js abc cod
node example.js anot comm
Moreover, little spelling mistakes are corrected too:
node example.js abcs cod
If you want that the command must be strict equals, you can register the command with the json configuration:
program.register({ command: 'restore', strict: true }, function(args) {
console.log('restore', args)
})
If you want to limit the maximum levenshtein distance of your commands,
you can use maxDistance: 2
:
const program = require('commist')()
const minimist = require('minimist')
const result = program
.register('abcd', function(args) {
console.log('just do', args)
})
.register({ command: 'restore', equals: true }, function(args) {
console.log('restore', args)
})
.register('args', function(args) {
args = minimist(args)
console.log('just do', args)
})
.register('abcde code', function(args) {
console.log('doing something', args)
})
.register('another command', function(args) {
console.log('anothering', args)
})
.parse(process.argv.splice(2))
if (result) {
console.log('no command called, args', result)
}
MIT
FAQs
Build your commands on minimist!
The npm package commist receives a total of 631,473 weekly downloads. As such, commist popularity was classified as popular.
We found that commist demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.