Research
Security News
Kill Switch Hidden in npm Packages Typosquatting Chalk and Chokidar
Socket researchers found several malicious npm packages typosquatting Chalk and Chokidar, targeting Node.js developers with kill switches and data theft.
crew makes managing Docker a breeze.
$ npm install crew
First you need to add a reference to crew to to your application.
const crew = require('crew');
To connect to a Docker server, call the crew
function and provide the hostname as well as the port. Additionally, you need to provide a private key and a certificate for client-side authentication, and a CA certificate for server-side authentication.
You may use the environment variables DOCKER_HOST
and DOCKER_CERT_PATH
to get appropriate values.
crew({
host: url.parse(process.env.DOCKER_HOST).hostname,
port: url.parse(process.env.DOCKER_HOST).port,
keys: {
privateKey: fs.readFileSync(path.join(process.env.DOCKER_CERT_PATH, 'key.pem')),
certificate: fs.readFileSync(path.join(process.env.DOCKER_CERT_PATH, 'cert.pem')),
caCertificate: fs.readFileSync(path.join(process.env.DOCKER_CERT_PATH, 'ca.pem'))
}
}, (err, dockWorker) => {
// ...
});
Please note that the initially provided options are available at dockWorker.options
.
To ping the Docker server, use the ping
function.
dockWorker.ping(err => {
// ...
});
If you need to verify whether an image is available on the Docker server, use the hasImage
function and provide the name of the image.
dockWorker.hasImage({ name: 'node' }, (err, hasImage) => {
console.log(hasImage); // => true
// ...
});
hasImage
also supports tags to check for a particular version of an image, as in the following example.
dockWorker.hasImage({ name: 'node', tag: '4.0' }, (err, hasImage) => {
console.log(hasImage); // => true
// ...
});
To download an image to the Docker server, use the downloadImage
function and provide the name of the image.
dockWorker.downloadImage({ name: 'node' }, err => {
// ...
});
If you want to download a specific version, add the tag to the name of the image.
dockWorker.downloadImage({ name: 'node', tag: '4.0' }, err => {
// ...
});
If you don't specify a tag, the tag latest
will be used which is also the default used by the Docker CLI.
To build an image, call the buildImage
function and provide the directory you want to use, a Dockerfile
, and the name of the image.
dockWorker.buildImage({
directory: __dirname,
dockerfile: path.join(__dirname, 'my-dockerfile'),
name: 'myImage'
}, err => {
// ...
});
buildImage
also supports tags fors images by passing in the optional tag
option.
dockWorker.buildImage({
directory: __dirname,
dockerfile: path.join(__dirname, 'my-dockerfile'),
name: 'myImage',
tag: '0.1.0'
}, err => {
// ...
});
If you want to exclude some files from the newly built image, you can use the dockerignore
property to provide the path to an ignore file.
dockWorker.buildImage({
directory: __dirname,
dockerfile: path.join(__dirname, 'my-dockerfile'),
dockerignore: path.join(__dirname, 'my-dockerignore'),
name: 'myImage'
}, err => {
// ...
});
If you want to modify the build context right before the image gets built, register a preBuild
hook and do whatever you want to do.
dockWorker.buildImage({
directory: __dirname,
dockerfile: path.join(__dirname, 'my-dockerfile'),
dockerignore: path.join(__dirname, 'my-dockerignore'),
preBuild: (preBuildOptions, done) => {
console.log(preBuildOptions);
// => {
// directory: '...'
// }
done(null);
},
name: 'myImage'
}, err => {
// ...
});
To create and start a container, call the startContainer
function and provide the name of the image and the desired container name. This returns the newly created container's id.
dockWorker.startContainer({
image: 'node',
name: 'myContainer'
}, (err, id) => {
console.log(id); // => '70073a08b0f7fdfef44ca6fe03ba5e796d4773d9628b6f68eb7e34568dc73e1f'
// ...
});
startContainer
also supports image tags.
dockWorker.startContainer({
image: 'node',
tag: '4.0',
name: 'myContainer'
}, (err, id) => {
console.log(id); // => '70073a08b0f7fdfef44ca6fe03ba5e796d4773d9628b6f68eb7e34568dc73e1f'
// ...
});
If you want your container to restart automatically on crashes, add the restart
property to the parameter object and set it to true
.
dockWorker.startContainer({
image: 'node',
name: 'myContainer',
restart: true
}, (err, id) => {
// ...
});
To forward container ports to the host, add the ports
property to the parameter object and hand over an array of forwardings.
dockWorker.startContainer({
image: 'node',
name: 'myContainer',
ports: [
{ container: 3000, host: 80 }
]
}, (err, id) => {
// ...
});
To set environment variables, add the env
property to the parameter object and hand over the keys and values you want to use as environment variables.
dockWorker.startContainer({
image: 'node',
name: 'myContainer',
env: {
port: 3000
}
}, (err, id) => {
// ...
});
To use volumes from the host, add the volumes
property to the parameter object and hand over an array of volume mappings.
dockWorker.startContainer({
image: 'node',
name: 'myContainer',
volumes: [
{ container: '/data', host: '/home/janedoe/foo' }
]
}, (err, id) => {
// ...
});
To link a container to another one, add the links
property to the parameter object and hand over an array of link mappings.
dockWorker.startContainer({
image: 'node',
name: 'myContainer',
links: [
{ name: 'mongodb', alias: 'db' }
]
}, (err, id) => {
// ...
});
To add extra hosts to the container's /etc/hosts
file, add the network
property to the parameter object and assign a hosts
property to it.
dockWorker.startContainer({
image: 'node',
name: 'myContainer',
network: {
hosts: [
{ name: 'example.com', ip: '192.168.0.1' }
]
}
}, (err, id) => {
// ...
});
To get information on running containers for a specific image, use the getRunningContainersFor
function and provide the image name.
dockWorker.getRunningContainersFor({ name: 'node' }, (err, containers) => {
console.log(containers);
// => [
// {
// image: 'node',
// name: 'my-container',
// ports: [
// { container: 3000, host: 3000 }
// ],
// env: {
// PORT: '3000'
// },
// volumes: [
// { container: '/data', host: '/home/janedoe/foo' }
// ],
// links: [
// { name: 'your-container', alias: 'yours' }
// ],
// network: {
// hosts: [
// { name: 'example.com', ip: '192.168.0.1' }
// ]
// }
// }
// ]
});
Again, you may also specify an image tag.
dockWorker.getRunningContainersFor({ name: 'node', tag: '4.0' }, (err, containers) => {
// ...
});
Alternatively you may specify the image name by a regular expression.
dockWorker.getRunningContainersFor(/^no/, (err, containers) => {
// ...
});
To get the logs of a running container, call the getLogs
function and provide the name of the container.
dockWorker.getLogs('myContainer', (err, stdOut, stdErr) => {
// ...
});
To stop and automatically remove a running container, call the stopContainer
function and provide the name of the container.
dockWorker.stopContainer('myContainer', err => {
// ...
});
This module can be built using Grunt. Besides running the tests, this also analyses the code. To run Grunt, go to the folder where you have installed crew and run grunt
. You need to have grunt-cli installed.
$ grunt
If you're using Docker Machine, make sure to copy the crew source folder to your Docker Machine before running the tests. Assuming your Docker machine name is dev
and you're in the crew
source folder on your local machine run the following commands.
docker-machine ssh dev -- mkdir -p $(pwd)
docker-machine scp -r . dev:$(pwd)
After this, you can run the tests as described above.
The MIT License (MIT) Copyright (c) 2014-2015 the native web.
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
FAQs
crew makes managing Docker a breeze.
We found that crew demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers found several malicious npm packages typosquatting Chalk and Chokidar, targeting Node.js developers with kill switches and data theft.
Security News
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.
Product
Socket now supports uv.lock files to ensure consistent, secure dependency resolution for Python projects and enhance supply chain security.