Research
Recent Trends in Malicious Packages Targeting Discord
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
nucm
Advanced tools
Readme
NUCM 的全称为 NPM User Change Manager,是一款高效而直观的 NPM 账号切换管理工具,为开发者提供了简便的方法来轻松切换和管理不同的 NPM 用户账号。无论是在开发多个项目,协作开发,还是在不同的工作环境中切换,该工具都能帮助用户保持无缝的 NPM 包管理体验。
文档地址:https://beezen.github.io/nucm/
# 全局安装
$ npm install -g nucm # 或 yarn global add nucm
Usage: nucm [options] [command]
Options:
-v,--version 查看版本
-h, --help 显示命令帮助
Commands:
ls [options] 查看账号列表
use [options] <name> 切换账号
add <name> <access-tokens> 添加账号
del <name> 移除账号
localize <lang> 使用本地化语言
update [options] 更新版本
save 保存当前账号
registry|nrm <cmd...> 注册源配置
help [command] display help for command
$ nucm save
$ nucm add beezen abcdefXXXXXXXXmno2
添加账号成功
$ nucm ls
beezend -- abcdef......mno1
beezen --- abcdef......mno2
* beeze ---- abcdef......mno3
$ nucm use beezen
已切换到账号 beezen
我们管理的是 NPM 发布的访问令牌。
访问令牌是使用 API 或 npm CLI (CLI) 时,对 npm 进行身份验证的另一种选择。它是一个十六进制字符串,可用于身份验证,并授予您安装和/或发布模块的权限。
请注意:如果您是通过 npm login
或者 npm adduser
进行登录的用户,可以使用 nucm save 命令将当前登录账号的访问令牌保存起来。
在后续的使用过程中,您可以通过 nucm use <name>
的方式快速切换各种账号的访问令牌,从而实现对 npm 包使用不同账号进行发布。
如果想进一步了解 NPM 登录相关的配置,可以参考.npmrc 配置说明。
MIT
FAQs
NPM User Change Manager(NPM 用户账号切换管理)
We found that nucm demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
Security News
Socket CEO Feross Aboukhadijeh joins a16z partners to discuss how modern, sophisticated supply chain attacks require AI-driven defenses and explore the challenges and solutions in leveraging AI for threat detection early in the development life cycle.
Security News
NIST's new AI Risk Management Framework aims to enhance the security and reliability of generative AI systems and address the unique challenges of malicious AI exploits.