Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
The Heroku CLI is used to manage Heroku apps from the command line. It is built using oclif.
For more about Heroku see https://www.heroku.com/home
To get started see https://devcenter.heroku.com/start
This is the next generation Node-based Heroku CLI. The goals of this project were to make plugins more flexible, remove Ruby as a runtime dependency, and make the CLI faster.
It has identical functionality to the old Ruby CLI. Under the hood, it is a modular CLI made up of node.js plugins.
For more on developing plugins, read Developing CLI Plugins
For problems directly related to the CLI, add an issue on GitHub.
For other issues, submit a support ticket.
heroku access
- manage user access to appsheroku addons
- tools and services for developing, extending, and operating your appheroku apps
- manage apps on Herokuheroku auth
- check 2fa statusheroku authorizations
- OAuth authorizationsheroku autocomplete
- display autocomplete installation instructionsheroku buildpacks
- scripts used to compile appsheroku certs
- a topic for the ssl pluginheroku ci
- run an application test suite on Herokuheroku clients
- OAuth clients on the platformheroku config
- environment variables of appsheroku container
- Use containers to build and deploy Heroku appsheroku domains
- custom domains for appsheroku drains
- forward logs to syslog or HTTPSheroku features
- add/remove app featuresheroku git
- set git remote and clone Heroku repositoryheroku help
- Display help for heroku.heroku keys
- add/remove account ssh keysheroku labs
- add/remove experimental featuresheroku local
- run Heroku app locallyheroku logs
- display recent log outputheroku maintenance
- enable/disable access to appheroku members
- manage organization membersheroku orgs
- manage organizationsheroku pg
- manage postgresql databasesheroku pipelines
- manage pipelinesheroku plugins
- List installed plugins.heroku ps
- Client tools for Heroku Execheroku redis
- manage heroku redis instancesheroku regions
- list available regions for deploymentheroku reviewapps
- manage reviewapps in pipelinesheroku run
- run a one-off process inside a Heroku dynoheroku sessions
- OAuth sessionsheroku spaces
- manage heroku private spacesheroku status
- display current status of the Heroku platformheroku teams
- manage teamsheroku update
- update the Heroku CLIheroku version
heroku webhooks
- list webhooks on an appThis project is built with lerna. The core plugins are located in ./packages.
After cloning the repo
yarn
to install dependenciesyarn build
to build the CLI. This will need to be re-run any time you make changes and want to test them locally.To execute Heroku CLI commands locally, use ./bin/run <command>
. For example, to run the heroku apps
command with your local code, run ./bin/run apps
from the root directory.
Run all tests with yarn test
.
Run one test, in this case plugin-certs-v5, with yarn lerna run --scope @heroku-cli/plugin-certs-v5 test
.
Using WebStorm (from Jetbrains / IntelliJ), you can run/debug an individual test case.
See the Heroku CLI Release Steps.
Review our PR guidelines.
FAQs
CLI to interact with Heroku
The npm package heroku receives a total of 8,332 weekly downloads. As such, heroku popularity was classified as popular.
We found that heroku demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.