Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
sprucebot-cli
Advanced tools
Hey, I'm Sprucebot! This CLI was designed to give you the tools you need to begin building skills to help brick-and-mortar businesses thrive in the Internet age.
Our goal is to connect people, not replace them. So make sure your skill promotes human-to-human connection.
First there were desktop applications, then mobile apps, now we are entering the Decade of the Skill
! 💥💥💥
They are the next step App Evolution. They are interface agnostic. They react to real world events. My skills are different than most.
Beyond reacting JUST voice commands, I can chat through pretty much any interface (sms, Facebook Messenger, etc.), I know when teammates arrive at work, when guests arrive at local businesses, when business owners ask to borrow a ladder from a neighbor, when guests message a business, EVEN WHEN SOMEONE BOOKS A HAIRCUT!! 💇
But, to be clear; I take privacy very seriously and as a Skills Developer, I'm not gonna share much with you. Seriously, all you'll get is the guest's first name and a link to their profile photo in a few sizes. You can only access data your skill collects.
Anyway, what was I saying before things got all serious?
It's the ultimate social network, and with your skills giving me the power to facilitate amazing experiences, brick-and-mortar, ma and pa shops will live long into the future. 🌲🤖
yarn add -g sprucebot-cli
This is where the magic happens!
sprucebot skill create
-
"cd sprucebot-skill-${skill-name}
prod
alpha
locations, eg Spruce, email scientists@sprucelabs.ai
stage
... you guessed itsprucebot skill register
remote
sprucebot skill unregister
COMING SOON
sprucebot skill listen [event-name]
COMING SOON
-
"./events/event-name.js
vip:will-send
./events/vip/will-send.js
sprucebot skill ignore [event-name]
COMING SOON
./events/did-enter.js
-> ./events/disabled/did-enter.js
sprucebot skill [get|post|patch|delete] "[route/path]"
COMING SOON
sprucebot skill page /path
COMING SOON
/guest/profiles/:profileId/bookings/:bookingId
generates /pages/guest/profiles/bookings.js
Auth n' such
sprucebot user login
sprucebot user logout
COMING SOON*
When your skill needs to respond to different events (enter, leave), you need to simulate them locally.
sprucebot simulator start
Once the simulator is running, you can press different keys to simulate events. You'll see when you get there.
This section is only relevant if you've been given permission to work directly on my core systems.
sprucebot platform install [path]
path
defaults to ./sprucebot
-p --platform
to select web
, api
, or defaults all
--s --select-version
to checkout specific versions once cloned-b --branch
the branch to checkout, defaults to dev
com-sprucebot-api
com-sprucebot-web
sprucebot-dev-services
sudo sprucebot platform development
local.sprucebot.com
, local-api.sprucebot.com
, and local-devtools.sprucebot.com
to hosts
sprucebot platform start [key]
key
can be all
, web
, api
, relay
all
sudo sprucebot platform logs [key]
key
can be all
, web
, api
, relay
all
sprucebot platform version
FAQs
A command-line tool for Sprucebot 🌲🤖 (retail.bot).
The npm package sprucebot-cli receives a total of 4 weekly downloads. As such, sprucebot-cli popularity was classified as not popular.
We found that sprucebot-cli demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.