
Research
/Security News
11 Malicious NuGet Tools Pose as Game Cheats to Drop a Windows Host-Surveillance Payload
11 malicious NuGet tools pose as game cheats to deploy Windows payloads, track hosts, and use Google Sheets for telemetry and control.
create-can-stack
Advanced tools
CLI tool to create new Can Stack projects with Next.js, Better Auth, Drizzle ORM, and more
A CLI tool to quickly scaffold a full-stack Next.js application with modern tools and best practices.
The generated project includes:
Create a new project with:
# Using npm
npm create can-stack@latest
# Using pnpm
pnpm create can-stack
# Using yarn
yarn create can-stack
# With project name
npm create can-stack@latest my-app
After creating your project:
# Navigate to your project
cd my-app
# Install dependencies
pnpm install
# Set up environment variables
cp .env.example .env
# Edit .env with your database URL and API keys
# Generate database schema
pnpm db:generate
# Start development server
pnpm dev
Open http://localhost:3000 in your browser.
my-app/
├── apps/
│ └── app/ # Next.js application
├── packages/
│ ├── auth/ # Better Auth configuration
│ ├── db/ # Drizzle ORM database
│ ├── rpc/ # oRPC API routes
│ ├── transactional/ # Email templates
│ ├── ui/ # shadcn/ui components
│ ├── eslint-config/ # Shared ESLint config
│ └── typescript-config/# Shared TypeScript config
├── package.json # Root workspace config
├── pnpm-workspace.yaml # Workspace definition
└── turbo.json # Turborepo configuration
# Development
pnpm dev # Start dev server
pnpm build # Build for production
pnpm start # Start production server
# Database
pnpm db:generate # Generate migrations
pnpm db:migrate # Run migrations
pnpm db:studio # Open Drizzle Studio
# Code Quality
pnpm lint # Run ESLint
pnpm typecheck # Run TypeScript checks
Required environment variables:
# Database
DATABASE_URL=postgresql://user:password@localhost:5432/db
# Authentication
AUTH_SECRET=your-secret-here
AUTH_URL=http://localhost:3000
# Email (Resend)
RESEND_API_KEY=re_xxxx
Contributions are welcome! Please feel free to submit a Pull Request.
MIT
FAQs
CLI tool to create new Can Stack projects with Next.js, Better Auth, Drizzle ORM, and more
The npm package create-can-stack receives a total of 2 weekly downloads. As such, create-can-stack popularity was classified as not popular.
We found that create-can-stack demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Research
/Security News
11 malicious NuGet tools pose as game cheats to deploy Windows payloads, track hosts, and use Google Sheets for telemetry and control.

Research
/Security News
4 compromised asyncapi packages deliver miasma botnet loader on macOS, Linux and Windows.

Research
/Security News
A compromised jscrambler npm release added a malicious preinstall hook that runs hidden native binaries on Linux, macOS, and Windows.