Security News
Crates.io Implements Trusted Publishing Support
Crates.io adds Trusted Publishing support, enabling secure GitHub Actions-based crate releases without long-lived API tokens.
By Sarah Gooding - Jul 16, 2025
You're Invited:Meet the Socket Team at BlackHat and DEF CON in Las Vegas, Aug 4-6.RSVP →
- Maintainers
- 1
Clingwrap
Clingwrap is a simple debugging tool which collects information about the state of a system and stores that information in a zip file for later analysis. It was originally implemented for the Shaken Fist (https://shakenfist.com) project, but is more generally useful than that.
Clingwrap takes a configuration file (see examples/shakenfist-ci-failure.cwd for an example), and processes the list of commands in that file to produce the zip file of debugging output. The commands are specified in a simple YAML format, where a configuration file looks like this:
--
commands:
- name: Kernel version and architecture
destination: _commands/uname
shell: uname -a
- name: Installed system OS packages and versions
destination: _commands/dpkg
shell: dpkg -l
Possible commands are:
file commands: which record the contents of a file. For example:
- name: syslog
destination: var/log/syslog
file: /var/log/syslog
directory commands: which record all files in a given directory hierarchy, with a possible simple exclusion regexp. For example:
- name: Shaken Fist instances
destination: /srv/shakenfist/instances
directory: /srv/shakenfist/instances
exclude: "hd[ac-z]"
shell commands: which take a command line or script and execute them in a shell. A valid configuration is:
- name: Kernel version and architecture
destination: _commands/uname
shell: uname -a
shell_emitter commands: which run a shell script which emits further commands to execute. This is useful for finding objects and then storing information about them. A valid example is:
- name: Network namespaces
shell_emitter: |
for item in `find /var/run/netns -type f | sed 's/.*\///'`
do
echo "commands:
- name: Network interfaces (namespace $item)
destination: _commands/netns-$item/ip-link
shell: ip netns exec $item ip link
- name: Network addresses (namespace $item)
destination: _commands/netns-$item/ip-link
shell: ip netns exec $item ip addr
- name: Network routes (namespace $item)
destination: _commands/netns-$item/ip-link
shell: ip netns exec $item ip route
"
done
FAQs
clingwrap: wrap up CI artefacts and post them to Google Storage
We found that clingwrap demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
/Security News
Tracking Protestware Spread: 28 npm Packages Affected by Payload Targeting Russian-Language Users
Undocumented protestware found in 28 npm packages disrupts UI for Russian-language users visiting Russian and Belarusian domains.
By Olivia Brown - Jul 15, 2025
Research
/Security News
Contagious Interview Campaign Escalates With 67 Malicious npm Packages and New Malware Loader
North Korean threat actors deploy 67 malicious npm packages using the newly discovered XORIndex malware loader.
By Kirill Boychenko - Jul 14, 2025