Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
The cpy npm package is a simple file copying utility for Node.js. It allows you to copy files or directories from one location to another with various options such as overwriting existing files, preserving directory structure, and more.
Copy files
This feature allows you to copy files matching a specific pattern (e.g., all PNG files in the 'source' directory) to a destination directory.
const cpy = require('cpy');
cpy(['source/*.png'], 'destination').then(() => {
console.log('Files copied!');
});
Copy files with options
This feature allows you to copy files with additional options such as not overwriting existing files (`overwrite: false`) and preserving the directory structure (`parents: true`).
const cpy = require('cpy');
cpy(['source/*.png'], 'destination', {
overwrite: false,
parents: true
}).then(() => {
console.log('Files copied with options!');
});
Copy and rename
This feature allows you to copy a file and rename it in the destination directory using a rename function.
const cpy = require('cpy');
cpy(['source/file.txt'], 'destination', {
rename: basename => `new-${basename}`
}).then(() => {
console.log('File copied and renamed!');
});
The ncp (node-copy-paste) package is similar to cpy and provides asynchronous recursive file copying with Node.js. It is an older package and does not provide as modern a syntax as cpy, which uses promises.
fs-extra is a package that extends the built-in fs module and includes file copying functionality. It offers a broader set of file system operations compared to cpy, including copying, moving, deleting files, and more.
copyfiles is a package that provides a command-line utility to copy files. It can be used in npm scripts and has a flat option to copy all files to a single directory level. It is less feature-rich than cpy when it comes to API usage within Node.js code.
Copy files
npm install cpy
import cpy from 'cpy';
await cpy([
'source/*.png', // Copy all .png files
'!source/goat.png', // Ignore goat.png
], 'destination');
// Copy node_modules to destination/node_modules
await cpy('node_modules', 'destination');
// Copy node_modules content to destination
await cpy('node_modules/**', 'destination');
// Copy node_modules structure but skip all files except package.json files
await cpy('node_modules/**/*.json', 'destination');
// Copy all png files into destination without keeping directory structure
await cpy('**/*.png', 'destination', {flat: true});
console.log('Files copied!');
Returns a Promise<string[]>
with the destination file paths.
Type: string | string[]
Files to copy.
If any of the files do not exist, an error will be thrown (does not apply to globs).
Type: string
Destination directory.
Type: object
Options are passed to globby.
In addition, you can specify the below options.
Type: string
Default: process.cwd()
Working directory to find source files.
Type: boolean
Default: true
Overwrite existing files.
Type: boolean
Default: false
Flatten directory structure. All copied files will be put in the same directory.
import cpy from 'cpy';
await cpy('src/**/*.js', 'destination', {
flat: true
});
Type: string | Function
Filename or function returning a filename used to rename every file in source
.
import cpy from 'cpy';
await cpy('foo.js', 'destination', {
// The `basename` is the filename with extension.
rename: basename => `prefix-${basename}`
});
await cpy('foo.js', 'destination', {
rename: 'new-name'
});
Type: number
Default: (os.cpus().length || 1) * 2
Number of files being copied concurrently.
Type: boolean
Default: true
Ignores junk files.
Type: Function
Function to filter files to copy.
Receives a source file object as the first argument.
Return true to include, false to exclude. You can also return a Promise that resolves to true or false.
import cpy from 'cpy';
await cpy('foo', 'destination', {
filter: file => file.extension !== 'nocopy'
});
Type: string
Example: '/tmp/dir/foo.js'
Resolved path to the file.
Type: string
Example: 'dir/foo.js'
if cwd
was '/tmp'
Relative path to the file from cwd
.
Type: string
Example: 'foo.js'
Filename with extension.
Type: string
Example: 'foo'
Filename without extension.
Type: string
Example: 'js'
File extension.
Type: Function
{
completedFiles: number,
totalFiles: number,
completedSize: number,
percent: number,
sourcePath: string,
destinationPath: string,
}
completedSize
is in bytespercent
is a value between 0
and 1
sourcePath
is the absolute source path of the current file being copied.destinationPath
is The absolute destination path of the current file being copied.Note that the .on()
method is available only right after the initial cpy
call, so make sure you add a handler
before awaiting the promise:
import cpy from 'cpy';
await cpy(source, destination).on('progress', progress => {
// …
});
FAQs
Copy files
The npm package cpy receives a total of 968,539 weekly downloads. As such, cpy popularity was classified as popular.
We found that cpy demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.