
Open stuff like URLs, files, executables. Cross-platform.
npm install --global open-cli
$ open-cli --help

  Usage
    $ open-cli <file|url> [--wait] [--background] [-- <app> [args]]
    $ cat <file> | open-cli [--extension] [--wait] [--background] [-- <app> [args]]

  Options
    --wait         Wait for the app to exit
    --background   Do not bring the app to the foreground (macOS only)
    --extension    File extension for when stdin file type cannot be detected

  Examples
    $ open-cli https://sindresorhus.com
    $ open-cli https://sindresorhus.com -- firefox
    $ open-cli https://sindresorhus.com -- 'google chrome' --incognito
    $ open-cli unicorn.png
    $ cat unicorn.png | open-cli
    $ echo '<h1>Unicorns!</h1>' | open-cli --extension=html
The following file types are automagically detected when using stdin mode.
The opn package is similar to open-cli in that it allows you to open files, URLs, or applications from the command line. However, opn is more focused on being a programmatic API for opening things, whereas open-cli is more command-line oriented.
The open package is another alternative that provides similar functionality. It is a more modern and actively maintained package compared to opn. It also offers more options and flexibility for opening files, URLs, or applications.
FAQs
The npm package open-cli receives a total of 81,128 weekly downloads. As such, open-cli's popularity is classified as popular.
We found that open-cli has an unhealthy version release cadence and level of project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.