Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Please note that several packages are available which are pointed to in the installation documentation.
Links | |
---|---|
Documentation | https://cloudmesh.github.io/cloudmesh-cloud |
Code | https://github.com/cloudmesh/cloudmesh-cloud |
Installation Instructions | https://github.com/cloudmesh/get |
This library contains a number of useful functions and APIs that we highlight here. They are used to interact with the system and provide a number of functions to implement command line programs and shells.
The console provides convenient way to print colored messages types in the terminal, such as errors, info, and regular messages
from cloudmesh.common.console import Console
Console.error("this is an error printed in red with prefix ERROR:")
Console.msg("this is a msg printed in black")
Console.ok("this is an ok message printed in green")
We have lots of shell commands that call linux commands, but also have a convenient execution command that returns the results in a string.
For more information we like you to inspect the source code:
from cloudmesh.common.Shell import Shell
shell = Shell()
print(shell.terminal_type())
# prints after the command is finished
r = shell.execute('pwd')
print(r)
# prints while the command is executed
r = shell.live('pwd')
print(r)
# open a new terminal and start the command ls in it (for OSX and Gnome)
shell.terminal("ls")
# an example of a build in command
shell.pip("install cloudmesh-common")
We have many such build in commands, please see the source
A convenient way to print dictionaries and lists with repeated entries as tables, csv, json, yaml. The dictionaries can even be hierarchical.
Let us assume we have
data = [
{
"name": "Gregor",
"address": {
"street": "Funny Lane 11",
"city": "Cloudville"
{
},
{
"name": "Albert",
"address": {
"street": "Memory Lane 1901",
"city": "Cloudnine"
}
}
]
Then we can print it nicely with
print(Printer.flatwrite(self.data,
sort_keys=["name"],
order=["name", "address.street", "address.city"],
header=["Name", "Street", "City"],
output="table")
)
Other formats such as csv, json, dict are also supported.
In addition we have also printers for printing attribute lists. Please consult the source code.
See: https://colab.research.google.com/drive/1tG7IcP-XMQiNVxU05yazKQYciQ9GpMat#scrollTo=TZAjATZiQh4q&uniqifier=1 for an example
from cloudmesh.common.StopWatch import StopWatch
import time
StopWatch.start("a")
time.sleep(3)
StopWatch.stop("a")
StopWatch.status("a", True)
StopWatch.benchmark()
If it is not wrapped in functions, do not use it this way.
from cloudmesh.common.Benchmark import Benchmark
import time
def b():
Benchmark.Start()
time.sleep(3)
Benchmark.Stop()
def c():
Benchmark.Start()
time.sleep(1)
Benchmark.Stop()
b()
c()
Benchmark.print()
See also: cloudmesh.common.StopWatch
One dimensional Dictionaries in dot format.
from cloudmesh.common.dotdict import doctict
# convert a simple dict to a dotdict
d = dotdict({"name": "Gregor"})
# Now you can say
print(d["name"])
print(d.name)
Very useful functions are included in util
Especially useful are
Continued work was in part funded by the NSF CyberTraining: CIC: CyberTraining for Students and Technologies from Generation Z with the award numbers 1829704 and 2200409.
FAQs
A set of useful APIs for cloudmesh
We found that cloudmesh-common demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.