Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
gazer-color
Advanced tools
Watch some files, do a thing
A simple wrapper for Shama's gaze module that performs an arbitrary command when files change. Like watchify, but for everything.
$ npm install --save-dev gazer-color
# or
$ npm install -g gazer-color
$ gazer-color --pattern README.md -- echo blorp
# note the -- between the gazer-color arguments like --patern and the command and its arguments
[README.md changes]
> blorp
gaze accepts an array of patterns, so do gazer-color
.
gaze(['**/*.js', '!node_modules/**/*'], function() {
console.log('blorp');
});
$ gazer-color --pattern "**/*.js" --pattern "!node_modules/**/*" -- echo blorp
[index.js changes]
> blorp
If you haven't read substack's post describing lightweight build steps
with npm run
, I'll
give you a moment to get up to speed.
Here's how you might use gazer-color
to run a build task every time a file
changes:
{
"scripts": {
"test": "mocha",
"watch-test": "gazer-color -p \"public/less/**/*.less\" -- npm run test"
}
}
And then start the watcher:
$ npm run watch-less
FAQs
Watch some files, do a thing - a gazer fork capable of color output
The npm package gazer-color receives a total of 3 weekly downloads. As such, gazer-color popularity was classified as not popular.
We found that gazer-color demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.