Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
findjs -- Walk a file hierarchy, listing or grepping matching files
findjs
is a CLI tool modeled after the unix tools FIND(1)
and GREP(1)
. Like find
, it can walk a file hierarchy and print to stdout the names of all files that satisfy some simple filters. findjs
can also run egrep
on each file.
findjs
can't do anything that can't be done with find
and grep
, but it has some simple defaults that make it more convenient for node
development. Those defaults are:
.js
.node_modules
directory..git
directory.These defaults can be overridden using the options --file-match
and --dir-match
.
List all .js
files under the current directory, but omitting the .git
and node_modules
directories:
$ findjs
index.js
lib/descendents.js
Grep all .js
files under the current directory for a pattern:
$ findjs -g exports
index.js
1:module.exports = require('./lib/descendents.js');
lib/descendents.js
69:module.exports = {
List all .js
files containing a pattern (like grep -l
):
$ findjs -m function
lib/descendents.js
Usage: findjs [options] [path...]
Walk a file hierarchy, listing or grepping matching files
Options:
-h, --help output usage information
-f, --file-match [pattern] Include files that match pattern
-d, --dir-match [pattern] Exclude directories matching pattern
-g, --grep [pattern] Instead of listing files, grep each file for pattern
-m, --match [pattern] Only list files which contain pattern (grep -l)
FAQs
walk a file hierarchy, returning files satisfying criteria
We found that findjs demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.