Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
flik
Build auto-documenting CLIs with an easy-to-use, declarative API.
CLI frameworks in NodeJS are a dime-a-dozen. I built flik
anyways because I didn't love any solution out there. In particular, there was always a little bit of jank when working with TypeScript. flik
is built from the ground-up to make the best use of TypeScript possible, especially when working with the dynamic nature of CLIs.
With NPM:
npm install -D flik
With Yarn:
yarn add -D flik
W.I.P.
It's easy!™️
Just give your command some options & define some functionality:
// my-cool-cli/commands/hello-world.ts
import { createCommand } from 'flik';
export const helloWorld = createCommand(
{
/**
* The name of your command.
*/
command: 'hello',
/**
*
*/
description: "I'm just here to say hello",
/**
* Provide some example usage(s) for your command.
*
* These will be printed (with the binary & command automatically prefixed)
* in help text if the user provides the `--help` flag.
*/
examples: [
'testing testing one two three'
],
/**
* Define some strongly-typed inputs for your command.
* (We'll take a deeper look at this in the next section)
*/
inputs: { flags, positionalArgs, variadicArg },
/**
*
*/
cleanup: async () => {
console.log('I log something when the process is stopped.');
}
},
/**
* Do some stuff with your command!
*/
async () => {
console.log('hello!');
}
);
TODO
// my-cool-cli/index.ts
import { start } from 'flik';
import { helloWorld } from './commands/hello-world';
start({
/**
*
*/
binaryName: 'my-cool-cli',
/**
*
*/
version: '1.0.0',
/**
*
*/
commands: [helloWorld],
});
FAQs
Build auto-documenting CLIs with an easy-to-use, declarative API.
The npm package flik receives a total of 0 weekly downloads. As such, flik popularity was classified as not popular.
We found that flik demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.