Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
The vercel npm package is a command-line interface (CLI) tool that allows you to interact with the Vercel platform. Vercel is a cloud platform for static sites and Serverless Functions that enables developers to deploy web projects with ease. The CLI provides functionalities for deploying projects, managing deployments, and configuring projects.
Deploying Projects
This command deploys your project to Vercel in production mode. It automatically detects the framework you are using and optimizes the deployment accordingly.
vercel --prod
Managing Deployments
This command lists all the deployments for your project. It helps you keep track of different versions and environments of your application.
vercel ls
Configuring Projects
This command allows you to add environment variables to your Vercel project. Environment variables are essential for managing different configurations for development, staging, and production environments.
vercel env add
Netlify CLI is a command-line tool for interacting with the Netlify platform, which is similar to Vercel. It allows you to deploy sites, manage environment variables, and configure build settings. Netlify is known for its powerful build and deploy capabilities, as well as its integration with various static site generators.
The now CLI is the predecessor to the vercel CLI and was used for deploying projects to the ZEIT Now platform, which has since been rebranded to Vercel. While now CLI is still available, it is recommended to use the vercel CLI for the latest features and updates.
Firebase CLI is a command-line tool for interacting with Firebase services, including hosting, functions, and database management. While Firebase is more focused on providing a comprehensive suite of backend services, it also offers static site hosting similar to Vercel.
Develop. Preview. Ship.
Vercel's frontend cloud gives developers frameworks, workflows, and infrastructure to build a faster, more personalized web.
To install the latest version of Vercel CLI, run this command:
npm i -g vercel
To quickly start a new project, run the following commands:
vercel init # Pick an example project
cd <PROJECT> # Change directory to the new project
vercel # Deploy to the cloud
Finally, connect your Git repository to Vercel and deploy with git push
.
For details on how to use Vercel CLI, check out our documentation.
To develop Vercel CLI, first check out the source code, install dependencies, and build all packages:
git clone https://github.com/vercel/vercel.git
cd vercel
pnpm install
pnpm build
At this point you can make modifications to the CLI source code and test them out locally. The CLI source code is located in the packages/cli
directory.
cd packages/cli
pnpm vercel <cli-commands...>
From within the packages/cli
directory, you can use the "dev" script to quickly execute Vercel CLI from its TypeScript source code directly (without having to manually compile first). For example:
pnpm vercel deploy
pnpm vercel whoami
pnpm vercel login
pnpm vercel switch --debug
When you are satisfied with your changes, make a commit and create a pull request!
FAQs
The command-line interface for Vercel
The npm package vercel receives a total of 494,707 weekly downloads. As such, vercel popularity was classified as popular.
We found that vercel demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 10 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.