Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
PhoneGap command-line interface and Node.js library.
>=0.10.x
$ npm install -g phonegap
$ phonegap create my-app # create a PhoneGap project
$ cd my-app # change to project directory
$ phonegap run ios # build and install the app to iOS
Usage: phonegap [options] [commands]
Description:
PhoneGap command-line tool.
Commands:
create <path> create a phonegap project
build <platform> build the project for specific platform
install <platform> install the project on a specific platform
run <platform> build and install the projectfor specific platform
serve serve a phonegap project
local [command] development on local system
remote [command] development in cloud with phonegap/build
platform [command] update a platform version
help [command] output usage information
version output version number
Options:
-d, --verbose allow verbose output
-v, --version output version number
-h, --help output usage information
Platforms:
keyword | local environment | remote environment
-------------------|-------------------|-------------------
android | ✔ | ✔
blackberry10 | ✔ | ✖
ios | ✔ | ✔
wp8 | ✔ | ✔
Examples:
$ phonegap help create
$ phonegap help remote build
$ phonegap create path/to/my-app
$ phonegap remote build android
Usage: phonegap local [command]
Description:
Executes the command on the local system.
This requires that platform SDK is correctly installed.
Commands:
build <platform> build a specific platform
install <platform> install a specific platform
run <platform> build and install a specific platform
plugin <command> add, remove, and list plugins
Examples:
$ phonegap local build android
$ phonegap local run android
$ phonegap local plugin list
Usage: phonegap remote [command]
Description:
Executes the command remotely using the cloud-based PhoneGap/Build service.
Commands:
login login to PhoneGap/Build
logout logout of PhoneGap/Build
build <platform> build a specific platform
install <platform> install a specific platform
run <platform> build and install a specific platform
Examples:
$ phonegap remote login
$ phonegap remote build android
$ phonegap remote run android
var phonegap = require('phonegap');
The PhoneGap CLI installs successfully but you do not have a command phonegap
.
Depending on how node
and npm
were installed, your globally installed npm
modules may not be in your PATH
.
At the bottom of your npm install -g phonegap
installation log, you will see the following:
...
/usr/local/share/npm/bin/phonegap -> /usr/local/share/npm/lib/node_modules/phonegap/bin/phonegap.js
...
(Your path may be slightly different)
Open ~/.profile
or ~/.bashrc
, depending on what exists on your system, and add following line:
export PATH=$PATH:/usr/local/share/npm/bin
Open a new terminal tab or type the following command:
$ source ~/.profile
or
$ source ~/.bashrc
The command phonegap
should now be available to you.
You receive the following error message when building an Android project:
throw new Error('The provided path "' + project + '" is not an Android
The first time that you build for a platform, the framework is downloaded from Apache Cordova.
The framework is stored locally in your home directory, such as ~/.cordova/lib
.
Sometimes the framework is corrupted during the download. It can exist for two know reasons:
First, you must properly configure your Android environment by following the platform setup guide.
Next, you must delete the cached Cordova Android framework (x.x.x
is your version):
~/.cordova/lib/android/cordova/x.x.x
Next, you can try to rebuild the project. Enabling verbose mode is sometimes helpful:
$ phonegap build android --verbose
There are a few steps that should be taken when upgrading to a new version of the cordova-cli.
Update the package.json
dependencies version for cordova
.
{
"dependencies": {
"cordova": "3.1.0"
}
}
Update the package.json
version.
{
"version": "3.1.0-0.15.0"
}
Run the tests.
$ npm test
Commit stating the version increment.
$ git commit -am "Version 3.1.0-0.15.0"
Tag the version commit.
$ git tag 3.1.0-0.15.0
Update the PhoneGap Hello World App to match the new version.
3.1.0
.Manually test that the latest Hello World app is lazy-loaded.
# Link the phonegap-cli for easier development (only need to do once).
$ cd phonegap-cli/
$ [sudo] npm link .
# Manually test and verify hello world app is lazy-loaded.
$ phonegap create my-app
[phonegap] missing library phonegap/www/3.1.0
[phonegap] downloading https://github.com/phonegap/phonegap-app-hello-world/archive/3.1.0.tar.gz...
[phonegap] created project at /Users/mwbrooks/Development/sandbox/my-app
$ cd my-app/
$ phonegap run ios
Push the git commit after the Hello World has been updated.
$ git push phonegap master
Publish the npm release.
$ npm publish
FAQs
PhoneGap command-line interface and node.js library.
The npm package phonegap receives a total of 151 weekly downloads. As such, phonegap popularity was classified as not popular.
We found that phonegap demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 9 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.