Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
oclif is a framework for building command-line interfaces (CLIs) in Node.js. It provides a robust set of tools and conventions for creating and managing CLI applications, including support for plugins, argument parsing, and command scaffolding.
Command Creation
This feature allows you to create new commands easily. The example demonstrates a simple 'Hello, world!' command.
const { Command } = require('@oclif/core');
class HelloWorldCommand extends Command {
async run() {
this.log('Hello, world!');
}
}
HelloWorldCommand.run();
Argument Parsing
This feature provides built-in support for parsing command-line arguments and flags. The example shows a command that greets a user by name.
const { Command, flags } = require('@oclif/core');
class GreetCommand extends Command {
static flags = {
name: flags.string({ char: 'n', description: 'name to print' })
};
async run() {
const { flags } = this.parse(GreetCommand);
this.log(`Hello, ${flags.name || 'world'}!`);
}
}
GreetCommand.run();
Plugins
This feature allows you to extend your CLI with plugins. The example demonstrates loading plugins within a command.
const { Command } = require('@oclif/core');
const { Plugins } = require('@oclif/plugin-plugins');
class MyCommand extends Command {
async run() {
const plugins = new Plugins(this.config);
await plugins.load();
this.log('Plugins loaded');
}
}
MyCommand.run();
Commander is a popular library for building command-line interfaces in Node.js. It provides a simple and flexible API for defining commands, options, and arguments. Compared to oclif, Commander is more lightweight and less opinionated, making it a good choice for simpler CLI applications.
Yargs is another widely-used library for building CLI applications in Node.js. It offers powerful argument parsing capabilities and a rich set of features for handling complex command-line interfaces. Yargs is more feature-rich than Commander but still less structured than oclif, which provides a more comprehensive framework for CLI development.
Vorpal is a framework for building interactive command-line applications in Node.js. It supports features like command history, tab completion, and interactive prompts. Vorpal is more focused on creating interactive CLIs, whereas oclif is designed for building both simple and complex command-line tools.
oclif
CLIoclif
CLIThis is the oclif
CLI for the Open CLI Framework, that supports the development of oclif plugins and CLIs.
See the docs for more information.
The Getting Started tutorial is a step-by-step guide to introduce you to oclif. If you have not developed anything in a command line before, this tutorial is a great place to get started.
See Usage below for an overview of the oclif
CLI.
Currently, Node 18+ is supported. We support the LTS versions of Node. You can add the node package to your CLI to ensure users are running a specific version of Node.
If you have been using version 1 of the oclif
CLI there are some important differences to note when using the latest version.
oclif multi
, oclif plugin
, and oclif single
have all been removed in favor of oclif generate
, which generates an oclif based CLI using the hello-world example repo.
oclif hook
is now oclif generate:hook
oclif command
is now oclif generate:command
Version 2 now includes all the commands from the oclif-dev
CLI. This means that you can now use a single CLI for all your oclif needs. These commands include:
oclif manifest
oclif pack
oclif pack:deb
oclif pack:macos
oclif pack:win
oclif upload
(formerly known as oclif-dev publish
)oclif upload:deb
(formerly known as oclif-dev publish:deb
)oclif upload:macos
(formerly known as oclif-dev publish:macos
)oclif upload:win
(formerly known as oclif-dev publish:win
)oclif readme
Creating a CLI:
$ npx oclif generate mynewcli
? npm package name (mynewcli): mynewcli
$ cd mynewcli
$ ./bin/run.js --version
mynewcli/0.0.0 darwin-x64 node-v9.5.0
$ ./bin/run.js --help
USAGE
$ mynewcli [COMMAND]
COMMANDS
hello
help display help for mynewcli
$ ./bin/run.js hello world
hello world! (./src/commands/hello/world.ts)
oclif generate
- Generate a new CLIoclif help
- Display help for oclif.oclif init
- Initialize a new oclif CLIoclif manifest
- Generates plugin manifest json (oclif.manifest.json).oclif pack
- Package an oclif CLI into installable artifacts.oclif promote
- Promote CLI builds to a S3 release channel.oclif readme
- Adds commands to README.md in current directory.oclif upload
- Upload installable CLI artifacts to AWS S3.See the contributing guide.
FAQs
oclif: create your own CLI
We found that oclif demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.