Research
Recent Trends in Malicious Packages Targeting Discord
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
fileicon
Advanced tools
Readme
Contents
fileicon
is a macOS CLI for managing custom icons for files and folders, as
a programmatic alternative to interactively using Finder.
fileicon
allows assigning a custom icon to any file or folder,
using any image file whose format is recognized by the system.
Caveats:
Custom icons rely on extended attributes of the macOS filesystems, HFS+ and APFS. Therefore, custom icons are lost when copying files or folders to filesystems that don't support these attributes; for instance, custom icons cannot be stored in a Git repository.
v0.3.2+ supports custom icons for volumes (folders that act as volume mountpoints) in principle, but, as of macOS 13.1 (Ventura), this often fails in practice, for reasons unknown to me; see this Ask Different question, for instance.
When assigning an image file with fileicon set
, a set of icons in several
resolutions is created and stored in the resource fork of the target file itself
/ of a hidden Icon\r
file inside the target folder / as the content of a hidden .VolumeIcon.icns
file for folders that are volume mountpoints. Addtionally, a com.apple.FinderInfo
extended attribute with the custom-icon attribute (flag) is set on the target file or folder itself.
The icon with the highest resolution measures 512 x 512 pixels, and the input
image is scaled accordingly.
Note that input images that aren't square can result in distorted icons;
for best results, provide square images.
If you supply an input path to a symlink, it is invariably its target that is used for the operation; symlinks themselves cannot have icons associated with them.
See also: Icon Changer, a GUI utility that uses fileicon
behind the scenes.
# Assign custom icon derived from image file 'img.png' to file 'foo':
fileicon set foo img.png
# Remove previously assigned custom icon from folder 'foodir':
fileicon rm foodir
# Extract custom icon from file 'foo' to icon file 'foo.icns':
fileicon get foo
# Test if folder 'foodir' has custom icon:
fileicon test foodir
Supported platforms:
Important: If you're running macOS 12.3 or higher, be sure to install at least version 0.3.1 of this utility, as it no longer relies on Python (which no longer ships with macOS).
With Homebrew installed, run the following:
brew install fileicon
Tip of the hat to @danielbayley for creating and submitting the formula.
With Node.js installed, install the package as follows:
[sudo] npm install fileicon -g
Note:
sudo
depends on how you installed Node.js and whether you've changed permissions later; if you get an EACCES
error, try again with sudo
.-g
ensures global installation and is needed to put fileicon
in your system's $PATH
.fileicon
.chmod +x fileicon
.$PATH
, such as /usr/local/bin
(requires sudo
).Find concise usage information below; for complete documentation, read the manual online, or, once installed, run man fileicon
(fileicon --man
if installed manually).
$ fileicon --help
Manage custom icons for files and folders on macOS.
SET a custom icon for a file or folder:
fileicon set <fileOrFolder> [<imageFile>]
REMOVE a custom icon from a file or folder:
fileicon rm <fileOrFolder>
GET a file or folder's custom icon:
fileicon get [-f] <fileOrFolder> [<iconOutputFile>]
-f ... force replacement of existing output file
TEST if a file or folder has a custom icon:
fileicon test <fileOrFolder>
All forms: option -q silences status output.
Standard options: --help, --man, --version, --home
Copyright (c) 2015-2022 Michael Klement mklement0@gmail.com (http://same2u.net), released under the MIT license.
This project gratefully depends on the following open-source components, according to the terms of their respective licenses.
npm dependencies below have optional suffixes denoting the type of dependency; the absence of a suffix denotes a required run-time dependency: (D)
denotes a development-time-only dependency, (O)
an optional dependency, and (P)
a peer dependency.
Versioning complies with semantic versioning (semver).
v0.3.3 (2023-03-02):
v0.3.2 (2022-12-29):
v0.3.1 (2022-04-07):
v0.3.0 (2022-02-11):
python3
on macOS 12.3+, where the system v2.x /usr/bin/python
will no longer be avaialble.v0.2.4 (2019-12-10):
v0.2.3 (2019-11-01):
README.md
updated with Homebrew installation instructions.v0.2.2 (2018-03-05):
filecon set <file>
is now short for filecon set <file> <file>
; that is, you can now more
conveniently make an image file use itself as its icon.v0.2.1 (2018-01-13):
<(...)
) in lieu of an actual image file,
which is not supported.v0.2.0 (2017-10-14):
sips -i
for icon creation to a Python-based
Cocoa call to NSWorkSpace.setIcon(_:forFile:options:)
, courtesy of https://apple.stackexchange.com/a/161984/28668
As a result, icons in multiple resolutions are now generated, with a top resolution of 512 x 512 pixels (previously: 128 x 128)README.md
.v0.1.8 (2016-04-21):
TODO.md
added.v0.1.7 (2016-04-21):
v0.1.6 (2015-09-16):
v0.1.5 (2015-09-15):
v0.1.4 (2015-09-14):
fileicon --man
on a system where the man page isn't installed.v0.1.3 (2015-09-02):
v0.1.2 (2015-08-04):
v0.1.1 (2015-08-03):
v0.1.0 (2015-08-03):
FAQs
OSX CLI for managing custom icons for files and folders
The npm package fileicon receives a total of 69 weekly downloads. As such, fileicon popularity was classified as not popular.
We found that fileicon demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
Security News
Socket CEO Feross Aboukhadijeh joins a16z partners to discuss how modern, sophisticated supply chain attacks require AI-driven defenses and explore the challenges and solutions in leveraging AI for threat detection early in the development life cycle.
Security News
NIST's new AI Risk Management Framework aims to enhance the security and reliability of generative AI systems and address the unique challenges of malicious AI exploits.