
Research
npm Malware Targets Telegram Bot Developers with Persistent SSH Backdoors
Malicious npm packages posing as Telegram bot libraries install SSH backdoors and exfiltrate data from Linux developer machines.
grunt-contrib-rename
Advanced tools
A convenient plugin but not necessary because you can just use 'copy' and 'delete' tasks in Grunt. Built this more to fiddle around with Grunt and to gain some knowledge HowTo build a plugin for Grunt.
This plugin requires Grunt 1.0.0
If you haven't used Grunt before, be sure to check out the Getting Started guide, as it explains how to create a Gruntfile as well as install and use Grunt plugins. Once you're familiar with that process, you may install this plugin with this command:
npm install grunt-contrib-rename
Once the plugin has been installed, it may be enabled inside your Gruntfile with this line of JavaScript:
grunt.loadNpmTasks('grunt-contrib-rename');
*This plugin was designed to work with Grunt 0.4.x. If you haven't used Grunt before, be sure to check out the Getting Started guide, as it explains how to create a Gruntfile as well as install and use Grunt plugins. Once you're familiar with that process, you may install this plugin with this command
Available at NPM
Run this task with the grunt rename
command.
Task targets, files and options may be specified according to the grunt Configuring tasks guide.
Due to the destructive nature of this task, always be cautious of the files you rename.
No Options available yet as of 0.0.2
Behind the scenes as of 0.0.2 use fs.renameSync
Yes, rename can be used as move as well when the destination path is different from the source path
rename: {
main: {
files: [
{src: ['path/to/[file or folder]'], dest: 'path/to/[file-renamed or folder-renamed]'},
]
}
}
FAQs
Rename files.
The npm package grunt-contrib-rename receives a total of 4,189 weekly downloads. As such, grunt-contrib-rename popularity was classified as popular.
We found that grunt-contrib-rename demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Malicious npm packages posing as Telegram bot libraries install SSH backdoors and exfiltrate data from Linux developer machines.
Security News
pip, PDM, pip-audit, and the packaging library are already adding support for Python’s new lock file format.
Product
Socket's Go support is now generally available, bringing automatic scanning and deep code analysis to all users with Go projects.