
DashFiles is a data storage app that features strong privacy, so you encrypt files locally before storing.
Locally, DashFiles uses the file .dashfile to manage your profile. Most CLI commands require your profile. If it cannot be found in your working directory or its ancestors, one is automatically generated. DashFiles maintains a remote directory of your files, with the directory containing .dashfile serving as the remote root. Your .dashfile is a YAML file structured like this:
profile:
  publicKey: 6ovGwDUSNRgV2RvTONsw6JBU2kCZA379ELrsS3/ojQo=
device:
  privateKey: Q8kehMPhEWxyoP3MlbX9LAIMCeO9YRSekzTdFWRQqsY=
  publicKey: a5xasUsJTcQ5w0UwERNb98TOUHw5e+grUVym+jq1aD4=
Your profile public-key serves to anonymously identify and reference your profile. Files are encrypted using the corresponding private-key, but it is not stored directly.
To safely make your profile private-key available to multiple devices, each device is assigned a device key-pair. The device public-key is used to identify the device and authorize requests to the DashFiles API, while the device private-key is used to encrypt the profile private key before storing it with the API.
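Using this scheme, the device private-key never leaves your device, and the profile private-key is only ever stored in an encrypted form. Therefore, if you delete .dashfile, you lose access to your profile private key and your files. Because .dashfile holds the device private-key in plain text, treat it as a secret: keep it out of version control and restrict who can read it.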
npm install dashfiles -g
This gives you the command-line executable dash.
DashFiles maintains a remote tree mirroring local storage, with the directory containing your .dashfile serving as the remote root. These commands allow you to manipulate files in the remote tree.
These commands all accept file specifications as shell expressions. You may input a single file, multiple files, a directory (which will be acted upon recursively), or an expression containing a wildcard to be expanded.
dash push file [file2 file3...]
This updates the remote tree to be identical to the local files. This is a destructive operation: remote files are added, updated, or removed to make remote storage conform to the local tree. push requires an input, allowing you to limit the update to a single file or directory (causes a recursive update), or you may use a wildcard expression to act more broadly. If the remote files are identical to the local ones, no action is taken.
dash get file [file2 file3...]
This retrieves a target file or directory (acts recursively) from remote storage, if available, decrypts it, and saves it to local storage. This operation is non-destructive and insensitive to versioning. If the target filename already exists, a file count is appended to it, e.g. foobar-1.txt
dash put file [file2 file3...]
This takes a specified file or directory (acts recursively), encrypts it, and uploads it to your profile's remote storage. This operation is destructive and insensitive to versioning. The local file is taken as authoritative and overwrites the remote file, if it exists.
dash delete file [file2 file3...]
This removes a target file or directory (acts recursively) from remote storage. This operation is destructive and insensitive to versioning, but has NO EFFECT locally.
dash list
This provides an alphabetical listing of all available remote files relative to your current working directory. If there are remote files in the ancestor to your working directory, they are not printed. list fully lists the contents of directories and their descendants.
DashFiles supports storing contact information in your profile to allow you to register additional devices via multi-factor authentication. However, this feature is entirely optional. No contact information is required to use DashFiles on a single device.
dash contact add --phone [country-code][full-number] --email [email-address]
This adds a piece of contact info to your profile. You may specify either an email address, a phone number, or multiple of either. Adding a new contact will cause DashFiles to issue a validation message with a six-digit code. You have three minutes to retrieve that code and input it with dash contact validate.
dash contact validate [code]
This allows you to submit the validation code issued to the address you specified with dash contact add. DashFiles looks up the contact attached to the code and validates the contact. Afterwards, that contact is fully empowered to authorize new devices.
dash contact delete [phone-number OR email-address]
This allows you to delete a contact (validated or not) from your profile. This operation can only be issued by an authorized device, but does not require additional authentication. This operation is destructive. You will have to go through the validation flow if you wish to use the contact again.
dash contact list
This provides a list of the contacts associated with this profile and whether they are validated.
DashFiles supports functioning across multiple devices. Provided you have a validated contact, you can go through a registration flow to safely add a new device and gain access to remote files.
dash device add [profile-public-key] [--contact [email-address OR phone-number]]
This allows you to register a new device with your profile. You need the public profile key in the original device's .dashfile and a validated contact already in your profile. If you have more than one, you may specify your desired authorization method with the --contact flag. DashFiles provisionally attaches the new device to your profile. You will then receive a six-digit validation code at that contact and have three minutes to use it with dash device validate on the original device.
dash device validate [code]
This accepts the six-digit validation code generated with dash device add. You use this command from an authorized device to validate a request to register a new device. If the code is valid, the client then encrypts the profile private key for the new device (with the new device's public device key). dash device complete is a final step required on the new device.
dash device complete
This is the final step in the new device registration flow. The new device needs to decrypt the profile private key that the original device prepared and then store a new copy encrypted with the new device's private-key. After this command, the new device is fully registered. It now has a .dashfile file and full rights to access the remote file tree.
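The key-wrapping scheme and the device validate / device complete hand-off described above can be sketched as follows. This is an added example, not DashFiles' own code: the page does not name its primitives, so X25519, HKDF-SHA256 and AES-256-GCM from Node's built-in crypto module are assumed, and all function names are hypothetical.

```javascript
// Added illustration, not DashFiles' code. The primitives (X25519, HKDF-SHA256,
// AES-256-GCM) and every function name here are assumptions for this sketch.
const crypto = require('node:crypto');

// Each device owns a key pair; the private half never leaves the device.
const newDeviceKeyPair = () => crypto.generateKeyPairSync('x25519');

// Derive a one-time AES key from an X25519 shared secret.
function deriveKey(privateKey, publicKey, salt) {
  const shared = crypto.diffieHellman({ privateKey, publicKey });
  return Buffer.from(crypto.hkdfSync('sha256', shared, salt, 'profile-key-wrap', 32));
}

// "device validate": an authorized device wraps the profile private key for
// the new device's public key, using a throwaway ephemeral key pair.
function wrapForDevice(profilePrivateKey, devicePublicKey) {
  const eph = crypto.generateKeyPairSync('x25519');
  const salt = crypto.randomBytes(16);
  const iv = crypto.randomBytes(12);
  const key = deriveKey(eph.privateKey, devicePublicKey, salt);
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([cipher.update(profilePrivateKey), cipher.final()]);
  return {
    ephPub: eph.publicKey.export({ type: 'spki', format: 'der' }),
    salt, iv, ct, tag: cipher.getAuthTag(),
  };
}

// "device complete": only the holder of the device private key can unwrap.
// A wrong key or a tampered blob fails the GCM tag check and throws.
function unwrapOnDevice(blob, devicePrivateKey) {
  const ephPub = crypto.createPublicKey({ key: blob.ephPub, type: 'spki', format: 'der' });
  const key = deriveKey(devicePrivateKey, ephPub, blob.salt);
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, blob.iv);
  decipher.setAuthTag(blob.tag);
  return Buffer.concat([decipher.update(blob.ct), decipher.final()]);
}

// Constructed demo: a random 32-byte stand-in for the profile private key.
function demo() {
  const profileKey = crypto.randomBytes(32);
  const newDevice = newDeviceKeyPair();
  const stranger = newDeviceKeyPair();
  const blob = wrapForDevice(profileKey, newDevice.publicKey); // what the API would hold
  const recovered = unwrapOnDevice(blob, newDevice.privateKey);
  let strangerRejected = false;
  try { unwrapOnDevice(blob, stranger.privateKey); } catch { strangerRejected = true; }
  return { recoveredOk: recovered.equals(profileKey), strangerRejected };
}
```

The blob returned by wrapForDevice is the only form of the profile key that would need to leave a device in this sketch; the server stores it but cannot open it without a device private key.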
FAQs
CLI for DashFiles - file storage with strong privacy
The npm package dashfiles receives a total of 1 weekly downloads. As such, dashfiles popularity was classified as not popular.
We found that dashfiles demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.