Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
getstream-cli
Advanced tools
Stream's Command Line Interface (CLI) makes it easy to create and manage your Stream apps directly from the terminal. Currently, only Chat is supported; however, the ability to manage Feeds will be coming soon.
Note: The latest version of Node (v14.x) is required for this CLI. If you are looking for a way to manage multiple Node.js environments, please look at nvm.
If you're experiencing problems directly related to the CLI, please add an issue on GitHub.
For other issues, submit a support ticket.
As with any project, things are always changing. If you're interested in seeing what's changed in the Stream CLI, the changelog for this project can be found here.
The Stream CLI is easy to install and available via npm. The CLI requires Node v10.x or above.
$ yarn global add getstream-cli
OR
$ npm install -g getstream-cli
In order to initialize the CLI, it's as simple as:
Note: Your API key and secret can be found on the Stream Dashboard and is specific to your organization.
Basic commands use the following syntax:
$ stream command:COMMAND --arg1 "foo" --arg2 "bar"
Whereas commands for specific products use subcommands:
$ stream command:COMMAND:SUBCOMMAND --arg1 "foo" --arg2 "bar"
Interested in using the calling the CLI from a script? Or maybe you simply want raw response data? You can do that! Many of the commands accept a json
argument as a boolean
. Just pass the following along to the CLI and you'll get back a full representation of the response (in a raw data format):
$ stream command:COMMAND --arg1 "foo" --arg2 "bar" --json
Need to copy the output to your clipboard? Not a problem. Just pipe the information to pbcopy
(on macOS) along with the --json
flag:
$ stream debug:token --token "foo.bar.baz" --json | pbcopy
Want to call the Stream CLI using a bash command? No problem! Make sense of output using jq, a lightweight and flexible command-line JSON processor.
#! /bin/bash
run=$(stream config:get --json)
name=$(jq --raw-output '.name' <<< "${run}")
email=$(jq --raw-output '.email' <<< "${run}")
apiKey=$(jq --raw-output '.apiKey' <<< "${run}")
apiSecret=$(jq --raw-output '.apiSecret' <<< "${run}")
echo $name
echo $email
echo $apiKey
echo $apiSecret
OR
#! /bin/bash
stream chat:channel:create --channel=$(openssl rand -hex 12) --type="messaging" --name="CLI" --json | jq '.'
Note: See here for additional examples!
$ npm install -g getstream-cli
$ stream COMMAND
running command...
$ stream (-v|--version|version)
getstream-cli/0.0.63 linux-x64 node-v14.10.0
$ stream --help [COMMAND]
USAGE
$ stream COMMAND
...
stream autocomplete
- display autocomplete installation instructionsstream chat
- Adds a member to a channel.stream commands
- list all the commandsstream config
- Destroys your user configuration.stream debug
- Debugs a JWT token provided by Stream.stream help
- display help for streamIf you have any suggestions or just want to let us know what you think of the Stream CLI, please send us a message at support@getstream.io or create a GitHub Issue.
FAQs
Configure & manage Stream applications from the command line. 🚀
The npm package getstream-cli receives a total of 33 weekly downloads. As such, getstream-cli popularity was classified as not popular.
We found that getstream-cli demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.