Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
waffle-server-import-cli
Advanced tools
Make sure you have node.js (version 4.x.x or higher) installed on your computer.
npm i -g waffle-server-import-cli
Skip this step if you already have ssh-key registered in GitHub
Cli-tool works with github repositories by SSH. So, ssh-key should be added and configured in your Environment for appropriate usage.
Windows users
: do following with git-cli
terminal.
ls -al ~/.ssh
ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
(keep password
empty)eval "$(ssh-agent -s)"
and ssh-add ~/.ssh/id_rsa
Settings/SSH and GPG keys
.ssh -T git@github.com
More details available here
Launch tool with following command.
ws-cli
If endpoint already added through cli tool.
If new endpoint should be added into cli tool.
Type new endpoint and it becomes available in the List.
Example of Input value: http://localhost:3000
Endpoint should be chosen from the list of reserved endpoints. If there is no URL you need, back to previous Option and select Add new Endpoint.
Type User Login, provided by Waffle Server Administrator
Type User Password, provided by Waffle Server Administrator
It is main list of Options in the Tool. It describes all available functionality to work with DataSets.
Type new Git Repository URL and it becomes available in the Tool.
Example of Input value: git@github.com:path
Tool provides possibility to Import Dataset from the list of Available Repositories. New Item could be added through Register Repository option.
Tool provides possibility to Update Datasets Incrementally.
Tool provides possibility to Remove any dataset which is not default or locked and is available for authorized user.
Tool provides possibility to Rollback broken transaction.
Tool will display List of Imported DataSets with Versions and Prestored Queries for them.
Example of one item:
> ddf-gapminder-world-stub-1-validated
- version : 1467978881282
- date : 2016-06-05 14:54:41
- url : http://localhost:3000/api/ddf/datapoints?dataset=ddf-gapminder-world-stub-1-validated&version=1467978881282&year=1800:2015&select=geo,year,energy_use_total,sg_population
Tool provides possibility to Check State of latest Transaction for selected DataSet.
Tool provides possibility to Setup Default DataSet and it Version.
Tool displays list of Registered repositories available for Importing.
Tool displays list of commits generated based on Git Repository Log. Choose commit as State of Repository for Importing.
Important: IF WS Host is not 'localhost' and not IP-address - prefix 'import-' will be added into the Endpoint.
Tool displays list of Registered repositories available for Updating Incrementally.
Tool displays list of commits generated based on Git Repository Log available for Updating. Choose commit as state of Repository for Updating, means that all changes that were done between it and previous Version (commit) will be aggregated.
Tool displays list of DataSets available for Removing all related data and transactions according to permission of authorized user. List of DataSets are provided by Waffle Server and included only already Imported DataSets.
Tool displays list of DataSets available for Rolling Back last Transaction if it was broken. List of DataSets are provided by Waffle Server and included only already Imported DataSets.
Tool displays list of Datasets available for overview. List of DataSets are provided by Waffle Server and included only already Imported DataSets. Operation Result will be a List of DataSets with Versions and Prestored Queries for them.
Example of operation result:
> ddf-gapminder-world-stub-1-validated : #6c60caa - Completed (2016-06-05 14:55:00)
- Concepts: 2
- Entities: 8
- Datapoints: 481
Tool displays list of DataSets available to choose as Default. List of DataSets are provided by Waffle Server and included only already Imported DataSets.
Tool displays list of Versions available to choose as Default. List of Versions are provided by Waffle Server.
const cliApi = require('waffle-server-import-cli');
const diffOptions = {
hashFrom: '66a50bb',
hashTo: '163bd00',
github: 'git@github.com:VS-work/ddf--ws-testing.git',
resultPath: './any-folder-for-result-files'
};
cliApi.generateDiff(diffOptions, function() {
console.log("Done!");
});
FAQs
WS import CLI
We found that waffle-server-import-cli demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 9 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.