Security News
Deno 2.6 + Socket: Supply Chain Defense In Your CLI
Deno 2.6 introduces deno audit with a new --socket flag that plugs directly into Socket to bring supply chain security checks into the Deno CLI.
By Sarah Gooding -  Dec 12, 2025
🚨 Shai-Hulud Strikes Again:834 Packages Compromised.Technical Analysis →
ghostrunner
Advanced tools
Ghostrunner
A CLI for the Ghost blogging platform.
Ghostrunner is a command-line application that can create Ghost blogs, and provides OS-specific service wrappers (upstart, launchctl or initctl) so that the server is started on system startup.
Usage
npm install -g ghostrunner
Creating a Blog
mkdir somewhere && cd somewhere
ghostrunner init
ghostrunner server
ghostrunner init will not overwrite any files - if you want to overwrite files then remove them first.
Installing the blog as a service
ghostrunner install # uses ndm to install the appropriate service wrapper for your OS
ghostrunner start # to start the service now
Deployment
- Install ghostrunner on the server:
sudo npm install -g ghostrunner - Deploy the blog to your server and
cdinto the directory npm install && sudo ghostrunner install && sudo ghostrunner start- Confirm that it runs on system startup by rebooting
Specifying user and group
If you want to run your blog as a different user you can use the --uid and --gid options. Be
aware that running as root is probably a very bad idea.
ghostrunner install --uid myuser --gid myuser
Troubleshooting
- If you change the package name (in package.json) you will also need to change the
ghostrunner-blogkey in service.json
FAQs
A CLI for the Ghost blogging platform
We found that ghostrunner demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 02 Sep 2015
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
New React Server Components Vulnerabilities: DoS and Source Code Exposure
New DoS and source code exposure bugs in React Server Components and Next.js: what’s affected and how to update safely.
By Sarah Gooding -  Dec 12, 2025
Security News
Software Engineering Daily Podcast: Feross on AI, Open Source, and Supply Chain Risk
Socket CEO Feross Aboukhadijeh joins Software Engineering Daily to discuss modern software supply chain attacks and rising AI-driven security risks.
By Sarah Gooding -  Dec 11, 2025