Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Create UNIX-style CLI applications in Node
pee-kood - Hebrew (not Danish, although I encourage you to look that up if you want a good laugh) for "command"
Inspired by https://github.com/codegangsta/cli
$ npm install --save pikud
A CLI app built with pikud
consists of either a single command or unlimited nested commands. Each command can have its own flags. Flags are inherited from parent commands and can be overridden on the child if the child allows the same flag.
Flags are defined by a FlagSet
, which consists of any mix of StringFlag
, NumberFlag
, or BoolFlag
. See below examples.
If you set allowMultiple:true
when defining a StringFlag
or NumberFlag
, the flag will be parsed as an array rather than a single value (think Docker's -e
flag). For example:
new StringFlag('environment', {
alias:'e',
allowMultiple:true
});
$ myapp -e "foo=bar" -e "baz=bing" -e "boop=scoop"
Each command also automatically has a help flag (--help
or -h
) which will show the command's usage in a nice little table.
If a command has no sub-commands then it must have an action
. The action
takes any arguments passed via command line as well as the flags that were parsed. An action can either return a value, in which case that value will be written to the console at the end of execution, OR a Promise
. If it returns a Promise
, then pikud
will handle it asynchronously.
Actions are bound to their commands using Function.call
, so you can introspect the command or run this.help()
to display the help text.
import { Command } from 'pikud';
let main = new Command('my-app', {
action:(args, flags) => {
console.log('Doing action with args', args, 'flags', flags);
}
});
main.run(process.argv);
$ my-app arg1 arg2 arg3
import { FlagSet, StringFlag, BoolFlag, NumberFlag, Command } from 'pikud';
let main = new Command('my-app', {
flags:new FlagSet([
new StringFlag('foo', {
alias:'f',
defaultValue:'asdf',
envVar:'FOO',
description:'Which foo to use?'
}),
new BoolFlag('bar', {
alias:'b',
description:'Turn on the bar'
})
]),
action:(args, flags) => {
console.log('Doing action with args', args, 'flags', flags);
}
});
main.run(process.argv);
$ my-app -f "asdf" -b arg1 arg2 arg3
import { FlagSet, StringFlag, BoolFlag, NumberFlag, Command } from 'pikud';
let main = new Command('my-app', {
flags:new FlagSet([
new BoolFlag('foo', {
alias:'f',
description:'Turn on the foo'
}),
new BoolFlag('bar', {
alias:'b',
description:'Turn on the bar'
})
]),
subCommands:{
cmd1:new Command('cmd1', {
description:'Do command 1',
flags: new FlagSet([
new StringFlag('baz', {
alias:'z',
description:'Tell me the baz'
})
]),
action:(args, flags) => {
console.log('Doing cmd 1 with ', args, flags);
}
})
}
});
main.run(process.argv);
$ my-app -fb cmd1 --baz "This is the baz value" arg1 arg2 arg3
FAQs
Easily create command-line apps
The npm package pikud receives a total of 0 weekly downloads. As such, pikud popularity was classified as not popular.
We found that pikud demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.