Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Git log parser for Node.JS
npm install gitlog --save
const gitlog = require('gitlog');
const options =
{ repo: __dirname + '/test-repo-folder'
, number: 20
, author: 'Dom Harrington'
, fields:
[ 'hash'
, 'abbrevHash'
, 'subject'
, 'authorName'
, 'authorDateRel'
]
, execOptions:
{ maxBuffer: 1000 * 1024
}
};
// Asynchronous (with Callback)
gitlog(options, function(error, commits) {
// Commits is an array of commits in the repo
console.log(commits)
});
// Synchronous
let commits = gitlog(options);
console.log(commits);
See git log
The location of the repo, required field.
The number of commits to return, defaults to 10.
Show commits more recent than a specific date.
Show commits older than a specific date.
Limit the commits output to ones with author/committer header lines that match the specified pattern.
Below fields was returned from the log:
This option is enabled by default.
Much more likely to set status codes to 'C' if files are exact copies of each other.
This option is disabled by default.
Find commits on all branches instead of just on the current one.
This option is disabled by default.
Show only commits in the specified branch or revision range.
By default uses the current branch and defaults to HEAD
(i.e. the whole history leading to the current commit).
Type: Object
Specify some options to be passed to the .exec() method:
cwd
String Current working directory of the child processenv
Object Environment key-value pairssetsid
Booleanencoding
String (Default: 'utf8')timeout
Number (Default: 0)maxBuffer
Number (Default: 200*1024)killSignal
String (Default: 'SIGTERM')An array of fields to return from the log, here are the possible options:
Defaults to 'abbrevHash', 'hash', 'subject' and 'authorName'.
This module works by executing a child process (using child_process.exec()
) to the git
executable, then parsing the stdout into commits. This is done using the --pretty
command line option which allows you to provide a custom formatter to git log
. To enable easy parsing the format is delimited by a tab (\t
) character.
{ hash: '6a7ef5e3b3d9c77743140443c8f9e792b0715721',
abbrevHash: '6a7ef5e',
treeHash: 'f1bf51b15b48a00c33727f364afef695029864c0',
abbrevTreeHash: 'f1bf51b',
parentHashes: 'cfe06dbdb8d0a193640977e016a04678f8f3b04f',
abbrevParentHashes: 'cfe06dbdb8d0a193640977e016a04678f8f3b04f',
authorName: 'Dom Harrington',
authorEmail: 'dom@harringtonxxxxx',
authorDate: '2015-04-09 09:39:23 +0100',
authorDateRel: '6 days ago',
committerName: 'Dom Harrington',
committerEmail: 'dom@harringtonxxxxx',
committerDate: 'Thu Apr 9 09:39:23 2015 +0100',
committerDateRel: '6 days ago',
subject: '1.0.0',
status: [ 'M' ],
files: [ 'package.json' ] }
FAQs
Git log parser for Node.JS
The npm package gitlogplus receives a total of 13 weekly downloads. As such, gitlogplus popularity was classified as not popular.
We found that gitlogplus demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.