Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Moggie wraps a lot Meow to support subcommands.
--version
--help
$ npm install --save moggie
$ ./rufus.js leg raise and --rainbow
#!/usr/bin/env node
'use strict';
const moggie = require('moggie');
moggie({
// you might use meow-options here:
version: "0.0.1-alpha",
minimistOptions: {
'--': true
},
// subcommands contain only moggie-options
subcommands: {
'leg': {
subcommands: {
'raise': {
callback: cli => console.dir(cli)
/*{
input: ['and'],
flags: {rainbow: true},
...
}*/
},
'lower': {}
},
callback: cli => console.dir(cli)
}
},
callback: cli => console.dir(cli),
helpCallback: cli => printRufusHelp(cli)
});
The callback receives an Object
with:
input
(Array) - Non-flag argumentsflags
(Object) - Flags converted to camelCasepkg
(Object) - The package.json
objecthelp
(string) - The help text used with --help
showHelp([code=2])
(Function) - Show the help text and exit with code
Type: Object
Must be an options-object where the base-level may contain meow-options and moggie-options. Meow is only once invoked, every subcommand may only contain moggie-options.
Type: function
Parameters: cli: object
The callback-handle will be called if the further input-array is empty or the next input-element doesn't match any subcommand from the subcommands
-property.
The callback is provided the cli-object containing the result of the basic meow-call, stripped by previously visited subcommands.
Type: function
Parameters: cli: object
This callback-handle will be called if neither a subcommand matched nor a callback is provided.
(More uses are to come)
Type: object
This object contains moggie-objects each for every provided subcommand.
Example:
subcommands:{
'1st-subcommand': {
callback: ...,
helpCallback: ...
},
'2nd-subcommand': {
callback: ...,
}
}
Type: string
boolean
Default: The package.json "description"
property
Description to show above the help text.
Set it to false
to disable it altogether.
Type: string
boolean
The help text you want shown.
The input is reindented and starting/ending newlines are trimmed which means you can use a template literal without having to care about using the correct amount of indent.
The description will be shown above your help text automatically.
Set it to false
to disable it altogether.
Type: string
boolean
Default: The package.json "version"
property
Set a custom version output.
Set it to false
to disable it altogether.
Type: Object
Default: Closest package.json upwards
package.json as an Object
.
You most likely don't need this option.
Type: Array
Default: process.argv.slice(2)
Custom arguments object.
Type: boolean
Default: false
Infer the argument type.
By default, the argument 5
in $ foo 5
becomes a string. Enabling this would infer it as a number.
Type: Object
Default: {}
Minimist options.
Keys passed to the minimist default
option are decamelized, so you can for example pass in fooBar: 'baz'
and have it be the default for the --foo-bar
flag.
Meow will make unhandled rejected promises fail loudly instead of the default silent fail. Meaning you don't have to manually .catch()
promises used in your CLI.
See meow
to learn more about the underlying cli-helper.
See chalk
if you want to colorize the terminal output.
See get-stdin
if you want to accept input from stdin.
See conf
if you need to persist some data.
See update-notifier
if you want update notifications.
MIT © Florian Breisch
FAQs
moggie wraps a lot meow to support subcommands.
The npm package moggie receives a total of 3 weekly downloads. As such, moggie popularity was classified as not popular.
We found that moggie demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.