Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
The 'promptly' npm package is a simple utility for prompting user input in Node.js applications. It provides a straightforward way to ask for user input from the command line, with support for validation, default values, and hidden input for sensitive information.
Basic Prompt
This feature allows you to prompt the user for input and then use that input in your application. The example code asks the user for their name and then greets them.
const promptly = require('promptly');
(async () => {
const name = await promptly.prompt('Enter your name: ');
console.log(`Hello, ${name}!`);
})();
Prompt with Default Value
This feature allows you to provide a default value for the prompt. If the user does not enter anything, the default value will be used. The example code sets 'Anonymous' as the default name.
const promptly = require('promptly');
(async () => {
const name = await promptly.prompt('Enter your name: ', { default: 'Anonymous' });
console.log(`Hello, ${name}!`);
})();
Hidden Input
This feature allows you to prompt the user for input without displaying what they type on the screen. This is useful for sensitive information like passwords. The example code asks for a password and hides the input.
const promptly = require('promptly');
(async () => {
const password = await promptly.prompt('Enter your password: ', { silent: true });
console.log('Password received.');
})();
Input Validation
This feature allows you to validate the user's input before accepting it. The example code validates that the input is a positive integer representing the user's age.
const promptly = require('promptly');
(async () => {
const age = await promptly.prompt('Enter your age: ', {
validator: (value) => {
const age = parseInt(value, 10);
if (isNaN(age) || age <= 0) {
throw new Error('Invalid age');
}
return age;
}
});
console.log(`You are ${age} years old.`);
})();
Inquirer.js is a powerful and flexible library for creating interactive command-line interfaces. It supports a wide range of prompt types, including input, confirm, list, rawlist, expand, checkbox, password, and editor. Compared to promptly, Inquirer.js offers more advanced features and customization options.
Readline-sync is a synchronous library for reading user input from the command line. It provides basic functionality for prompting user input, similar to promptly, but operates synchronously, making it simpler to use in some cases. However, it lacks some of the advanced features and flexibility of promptly.
The 'prompt' package is another library for prompting user input in Node.js. It supports various input types, validation, and default values. While it offers similar functionality to promptly, it has a more complex API and additional features like schema-based prompts.
Simple command line prompting utility.
$ npm install promptly
Prompts for a value, printing the message
and waiting for the input.
When done, calls fn
with error
and value
.
Default options:
{
// The default value. If not supplied, the input is mandatory
'default': null,
// Automatically trim the input
'trim': true,
// A validator or an array of validators.
'validator': null,
// Automatically retry if a validator fails
'retry': true,
// Do not print what the user types
'silent': false,
// Input and output streams to read and write to
'input': process.stdin,
'output': process.stdout
}
The validators have two purposes:
function (value) {
// Validation example, throwing an error when invalid
if (value.length !== 2) {
throw new Error('Length must be 2');
}
// Parse the value, modifying it
return value.replace('aa', 'bb');
}
Example usages
Ask for a name:
promptly.prompt('Name: ', function (err, value) {
// err is always null in this case, because no validators are set
console.log(value);
});
Ask for a name with a constraint (non-empty value and length > 2):
var validator = function (value) {
if (value.length < 2) {
throw new Error('Min length of 2');
}
return value;
};
promptly.prompt('Name: ', { validator: validator }, function (err, value) {
// Since retry is true by default, err is always null
// because promptly will be prompting for a name until it validates
// Between each prompt, the error message from the validator will be printed
console.log('Name is:', value);
});
Same as above but do not retry automatically:
var validator = function (value) {
if (value.length < 2) {
throw new Error('Min length of 2');
}
return value;
};
promptly.prompt('Name: ', { validator: validator, retry: false }, function (err, value) {
if (err) {
console.error('Invalid name:', e.message);
// Manually call retry
// The passed error has a retry method to easily prompt again.
return err.retry();
}
console.log('Name is:', value);
});
Ask the user to confirm something.
Calls fn
with error
and value
(true or false).
Truthy values are: y
, yes
and 1
.
Falsy values are n
, no
, and 0
.
Comparison is made in a case insensitive way.
Example usage:
promptly.confirm('Are you sure? ', function (err, value) {
console.log('Answer:', value);
});
Ask the user to choose between multiple choices
(array of choices).
Calls fn
with error
and value
.
Example usage:
promptly.choose('Do you want an apple or an orange? ', ['apple', 'orange'], function (err, value) {
console.log('Answer:', value);
});
Prompts for a password, printing the message
and waiting for the input.
When available, calls fn
with error
and value
.
The available options are the same, except that trim
and silent
default to false
and default
is an empty string (to allow empty passwords).
Example usage:
promptly.password('Type a password: ', function (err, value) {
console.log('Password is:', value);
});
Released under the MIT License.
FAQs
Simple command line prompting utility
The npm package promptly receives a total of 0 weekly downloads. As such, promptly popularity was classified as not popular.
We found that promptly demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.