Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
farm-invest-cli
Advanced tools
A CLI tool, built to detect updates to the products on:
with npm
npm i -g farm-invest-cli
with yarn
yarn add global farm-invest-cli
for developers
git clone https://github.com/mykeels/farm-invest-cli
cd farm-invest-cli
npm install
npm link
farm-invest-cli
farm-invest-cli efarms # only efarms
farm-invest-cli farm-crowdy # only farm-crowdy
farm-invest-cli thrive-agric # only thrive-agric
You'll get an output like:
Where the green text shows new products, and text is only shown when there is a difference between the products currently existing and the last time it checked.
const { syncAll, syncEFarms, syncFarmCrowdy, syncThriveAgric } = require('farm-invest-cli')
syncAll().then(diff => {
console.log(diff.toString()) // a product text diff for all sources
})
syncEFarms().then(diff => {
console.log(diff.toString()) // a product text diff for eFarms
})
syncFarmCrowdy().then(diff => {
console.log(diff.toString()) // a product text diff for Farm-Crowdy
})
syncThriveAgric().then(diff => {
console.log(diff.toString()) // a product text diff for Thrive-Agric
})
const { getEFarms, getFarmCrowdy, getThriveAgric } = require('farm-invest-cli')
getEFarms().then(productListText => {
console.log(productListText) // a textual description of active products on eFarms
})
getFarmCrowdy().then(productListText => {
console.log(productListText) // a textual description of active products on Farm-Crowdy
})
getThriveAgric().then(productListText => {
console.log(productListText) // a textual description of active products on Thrive-Agric
})
FAQs
Are there new investment opportunities on FarmCrowdy, ThriveAgric or EFarms?
The npm package farm-invest-cli receives a total of 0 weekly downloads. As such, farm-invest-cli popularity was classified as not popular.
We found that farm-invest-cli demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.