New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details → →
node-command-line
Advanced tools
node-command-line - npm Package Compare versions
+1
-1
| { | ||
| "name": "node-command-line", | ||
| "version": "2.0.1", | ||
| "version": "2.0.2", | ||
| "description": "Simple command line interface to execute command from node environment with promise and avoid shell escaping", | ||
@@ -5,0 +5,0 @@ "main": "node-command-line.js", |
+39
-31
@@ -6,3 +6,3 @@ # node-command-line | ||
| #####npm info : | ||
| ##### npm info : | ||
|     | ||
@@ -18,11 +18,17 @@ | ||
| ##Method | ||
| ## Method | ||
| | method | argument | functionality | | ||
| |---|---|---| | ||
| | run | command, true/false | run command synchronously/asynchronously based on using await and pass second parameter true or false to print from library or not. Default vaue is true. | ||
| |--------|----------|---------------| | ||
| | run | command, true/false | run command synchronously/asynchronously based on using await and pass second parameter true or false to print from library or not. Default vaue is true.| | ||
| ##Examples | ||
| ### **Note: | ||
| `I've added a basic sanitization step that removes characters commonly associated with shell command injection attacks. This helps prevent unwanted characters from being executed within the shell command.` | ||
| ## Examples | ||
| Inject the dependencies | ||
@@ -34,3 +40,3 @@ | ||
| **Execute the single command without wait** | ||
| **Ex1: Execute the single command without wait** | ||
@@ -58,3 +64,3 @@ ``` | ||
| **Execute command and pass second parameter true/false to print from library or not** | ||
| **Ex2: Execute command and pass second parameter true/false to print from library or not** | ||
@@ -68,7 +74,5 @@ ``` | ||
| In this example run the command `node --version` that will show the node version and also print `Executed your command :)`. | ||
| node version may shown after print `Executed your command :)` because of second command do not wait for executing the first command. | ||
| In this example run the command `node --version` that will not sow the node version but print `Executed your command :)`. | ||
| node version won't show after print `Executed your command :)` because the second parameter passed false. | ||
| I've added a basic sanitization step that removes characters commonly associated with shell command injection attacks. This helps prevent unwanted characters from being executed within the shell command. | ||
| **Output in console like:** | ||
@@ -79,7 +83,5 @@ | ||
| v16.15.1 | ||
| ``` | ||
| **Execute the single command with wait (using promise)** | ||
| **Ex3: Execute the single command with wait (using promise)** | ||
@@ -106,3 +108,3 @@ ``` | ||
| **Execute the multiple command without wait** | ||
| **Ex4: Execute the multiple command without wait** | ||
@@ -133,3 +135,3 @@ ``` | ||
| **Execute the multiple command without wait** | ||
| **Ex5: Execute the multiple command without wait** | ||
@@ -161,20 +163,26 @@ ``` | ||
| **Execute the single command with wait and get response (using yield)** | ||
| **Ex6: Execute the single command with async wait and get response** | ||
| ``` | ||
| function runSingleCommandWithWaitAndGetResponse() { | ||
| Promise.coroutine(function *() { | ||
| var response = yield cmd.run('node --version'); | ||
| if(response.success) { | ||
| console.log('Response received===', response.message); | ||
| // do something with response | ||
| // if success get stdout info in message. like response.message | ||
| } else { | ||
| // do something | ||
| // if not success get error message and stdErr info as error and stdErr. | ||
| //like response.error and response.stdErr | ||
| } | ||
| console.log('Executed your command :)'); | ||
| })(); | ||
| async function runSingleCommandWithWaitAndGetResponse() { | ||
| let response = await cmd.run('node --version'); | ||
| if(response.success) { | ||
| console.log('Response received===', response.message); | ||
| // do something | ||
| // if success get stdout info in message. like response.message | ||
| } else { | ||
| // do something | ||
| // if not success get error message and stdErr info as error and stdErr. | ||
| //like response.error and response.stdErr | ||
| } | ||
| console.log('Executed your command :)'); | ||
| } | ||
| ``` | ||
| **Output in console like:** | ||
| ``` | ||
| Executed your command :) | ||
| ``` |
New alerts
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
AI-detected potential code anomaly
Supply chain riskAI has identified unusual behaviors that may pose a security risk.
Found 1 instance in 1 package
Fixed alerts
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
AI-detected potential code anomaly
Supply chain riskAI has identified unusual behaviors that may pose a security risk.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
10002
0.17%- Number of lines in readme file
180
4.65%No dependency changes