Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
This package contains the Quip command line interface, which is used for interacting with the Quip Live Apps platform.
$ npm install -g quip-cli
$ qla COMMAND
running command...
$ qla (-v|--version|version)
quip-cli/0.1.2 darwin-x64 node-v10.23.0
$ qla --help [COMMAND]
USAGE
$ qla COMMAND
...
qla apps
qla bump [INCREMENT]
qla help [COMMAND]
qla init
qla login
qla migration [NAME]
qla publish
qla release [BUILD NUMBER]
qla apps
Browse, inspect, and manipulate your Apps
USAGE
$ qla apps
OPTIONS
-h, --help show CLI help
-i, --id=id show the details of an app ID
-j, --json output responses in JSON
-s, --site=site [default: quip.com] use a specific quip site rather than the standard quip.com login
-v, --version=version which version to show the details for. Only useful with --id
See code: src/commands/apps.ts
qla bump [INCREMENT]
Bump the application version (and create a version commit/tag)
USAGE
$ qla bump [INCREMENT]
ARGUMENTS
INCREMENT which number to bump - can be one of 'prerelease', 'major', 'minor', or 'patch' - defaults to 'patch'
OPTIONS
-h, --help show CLI help
-m, --message=message Specify a commit message to use as the version commit message
-n, --no-git Don't perform git operations even when available (just makes changes inline)
-p, --prerelease-name=prerelease-name When specifying prerelease, use this as the prefix, e.g. -p alpha will produce
v0.x.x-alpha.x
See code: src/commands/bump.ts
qla help [COMMAND]
display help for qla
USAGE
$ qla help [COMMAND]
ARGUMENTS
COMMAND command to show help for
OPTIONS
--all see all commands in CLI
See code: @oclif/plugin-help
qla init
Initialize a new Live App Project
USAGE
$ qla init
OPTIONS
-d, --dir=dir specify directory to create app in (defaults to the name provided)
-h, --help show CLI help
-i, --id=id set the ID of the application
-j, --json output responses in JSON (must provide --name and --id)
-n, --name=name set the name of the application
-s, --site=site [default: quip.com] use a specific quip site rather than the standard quip.com login
--no-create only create a local app (don't create an app in the dev console or assign an ID)
--no-release don't release the initial version (leave app uninstallable and in the "unreleased" state)
See code: src/commands/init.ts
qla login
Logs in to Quip and stores credentials in the .quiprc file
USAGE
$ qla login
OPTIONS
-f, --force forces a re-login even if a user is currently logged in
-h, --help show CLI help
-s, --site=site [default: quip.com] use a specific quip site rather than the standard quip.com login
See code: src/commands/login.ts
qla migration [NAME]
Creates a new migration
USAGE
$ qla migration [NAME]
ARGUMENTS
NAME A short description to generate the filename with
OPTIONS
-d, --dry-run Print what this would do, but don't create any files.
-f, --folder=folder [default: migrations] The folder where your migrations are stored
-h, --help show CLI help
-v, --version=version The version to generate this migration for. By default, it will use the current version_number
in the manifest
See code: src/commands/migration.ts
qla publish
Uploads this bundle to the developer console, and sets it as the latest development version.
USAGE
$ qla publish
OPTIONS
-h, --help show CLI help
-i, --ignore=ignore [default: node_modules] blob to ignore. Defaults to 'node_modules'
-j, --json output responses in JSON
-s, --site=site [default: quip.com] use a specific quip site rather than the standard quip.com login
See code: src/commands/publish.ts
qla release [BUILD NUMBER]
Release an app to Beta or Production
USAGE
$ qla release [BUILD NUMBER]
ARGUMENTS
BUILD NUMBER the build number to release
OPTIONS
-b, --beta release beta version
-h, --help show CLI help
-j, --json output responses in JSON
-p, --prod release production version
-s, --site=site [default: quip.com] use a specific quip site rather than the standard quip.com login
See code: src/commands/release.ts
When developing locally, you'll iterate by calling bin/run <your-command>
.
This tool uses oclif to handle arg parsing and user interactivity.
To add a command to this repo, run npx oclif command <name>
. For other options, check npx oclif --help
FAQs
A Command Line Interface for the Quip Live Apps platform
The npm package quip-cli receives a total of 371 weekly downloads. As such, quip-cli popularity was classified as not popular.
We found that quip-cli demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.