Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
> :warning: This project [was previously named `c-3po-cli`](https://github.com/ttag-org/ttag/issues/105). > Some of the talks, presentations, and documentation _may_ reference it with both names.
:warning: This project was previously named
c-3po-cli
. Some of the talks, presentations, and documentation may reference it with both names.
Command line utility for ttag translation library. Works out of the box with js, ts, jsx, tsx files.
npm install ttag-cli
# or global
npm install -g ttag-cli
ttag extract some.js
extract [output|lang] <src...>
will extract translations to .pot file
--output -o result file with translations (.pot) (default: translations.pot)
--lang -l sets default lang (ISO format) (default: en)
--discover string overrides babel-plugi-ttag setting - https://ttag.js.org/docs/plugin-api.html#configdiscover. Can be used to discover ttag functions without explicit import. Only known ttag functions can be used as params (t, jt, ngettext, gettext, _)
--numberedExpressions boolean overrides babel-plugin-ttag setting - https://ttag.js.org/docs/plugin-api.html#confignumberedexpressions. Refer to the doc for the details.
--extractLocation string - 'full' | 'file' | 'never' - https://ttag.js.org/docs/plugin-api.html#configextractlocation. Is used to format location comments in the .po file.
--sortByMsgid boolean. Will sort output in alphabetically by msgid. https://ttag.js.org/docs/plugin-api.html#configsortbymsgid
check [lang] <pofile> <src...>
will check if all translations are present in .po file
--lang -l sets default lang (ISO format) (default: en)
--discover string overrides babel-plugi-ttag setting - https://ttag.js.org/docs/plugin-api.html#configdiscover. Can be used to discover ttag functions without explicit import. Only known ttag functions can be used as params (t, jt, ngettext, gettext, _)
--numberedExpressions boolean overrides babel-plugin-ttag setting - https://ttag.js.org/docs/plugin-api.html#confignumberedexpressions. Refer to the doc for the details.
merge <path...>
will merge two or more po(t) files together using first non-empty msgstr and header from left-most file
translate <path> [args]
will open interactive prompt to translate all msgids with empty msgstr in cli
--output -o result file with translations (.po) (default: translated.po)
stats <path>
will display various pofile statistics(encoding, plurals, translated, fuzzyness)
filter <path> [args]
will filter pofile by entry attributes(fuzzy, obsolete, (un)translated)
--fuzzy -f result file with fuzzy messages (.po) (default: false)
--no-fuzzy -nf result file without fuzzy messages (.po) (default: false)
--translated -t result file with translations (.po) (default: false)
--not-translated -nt result file without translations (.po) (default: false)
--reference -r a regexp to match references against (default: )
ttag filter -nt small.po
msgid "test"
msgstr ""
init <lang> <filename>
will create an empty .po file with all necessary headers for the locale
--lang sets default locale (ISO format) (default: en)
--filename path to the .po file
update [opts] <pofile> <src..>
will update existing po file. Add/remove new translations
--lang sets default locale (ISO format) (default: en)
--pofile path to .po file with translations
--src path to source files/directories
--discover string overrides babel-plugi-ttag setting - https://ttag.js.org/docs/plugin-api.html#configdiscover. Can be used to discover ttag functions without explicit import. Only known ttag functions can be used as params (t, jt, ngettext, gettext, _)
--numberedExpressions boolean overrides babel-plugin-ttag setting - https://ttag.js.org/docs/plugin-api.html#confignumberedexpressions. Refer to the doc for the details.
--extractLocation string - 'full' | 'file' | 'never' - https://ttag.js.org/docs/plugin-api.html#configextractlocation. Is used to format location comments in the .po file.
--sortByMsgid boolean. Will sort output in alphabetically by msgid. https://ttag.js.org/docs/plugin-api.html#configsortbymsgid
replace [options] <pofile> <out> <path>
will replace all strings with translations from the .po file
--discover string overrides babel-plugi-ttag setting - https://ttag.js.org/docs/plugin-api.html#configdiscover. Can be used to discover ttag functions without explicit import. Only known ttag functions can be used as params (t, jt, ngettext, gettext, _)
--numberedExpressions boolean overrides babel-plugin-ttag setting - https://ttag.js.org/docs/plugin-api.html#confignumberedexpressions. Refer to the doc for the details.
color <pofile>
will output po(t)file with pretty colors on, combine with | less -r
spell <pofile> [locale]
will spellcheck po file messages with given locale, locale can be autodetected from pofile
validate <pofile>
will validate js template strings (${x}
) in messages and translations and against each other
web <pofile>
will open pofile in web editor
po2json <pofile> [args]
will parse and output po file as loadable JSON
--pretty -p pretty print js (default: false)
--nostrip --n do not strip comments/headers (default: false)
--format sets the output JSON format (compact is much smaller)
[choices: "compact", "verbose"] [default: "verbose"]
Please support ttag-cli development by sending issues/PRs.
FAQs
> :warning: This project [was previously named `c-3po-cli`](https://github.com/ttag-org/ttag/issues/105). > Some of the talks, presentations, and documentation _may_ reference it with both names.
The npm package ttag-cli receives a total of 11,838 weekly downloads. As such, ttag-cli popularity was classified as popular.
We found that ttag-cli demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.