
Research
/Security News
Toptal’s GitHub Organization Hijacked: 10 Malicious Packages Published
Threat actors hijacked Toptal’s GitHub org, publishing npm packages with malicious payloads that steal tokens and attempt to wipe victim systems.
A command-line utility for Weblate, translation tool with tight version control integration
Weblate is libre software web-based continuous localization system, used by over 2500 libre projects and companies in more than 165 countries.
wlc is a Weblate command-line client using Weblate's REST API.
Install using pip:
pip3 install wlc
Sources are available at https://github.com/WeblateOrg/wlc.
Please see Weblate documentation for more complete documentation.
Command-line usage:
wlc list-projects
wlc list-components
wlc list-translations
wlc list-languages
wlc show
wlc ls
wlc commit
wlc push
wlc pull
wlc repo
wlc stats
wlc lock
wlc unlock
wlc lock-status
wlc download
wlc upload
Configuration is stored in ~/.config/weblate
. The key/values (retries
,
timeout
, method_whitelist
, backoff_factor
, status_forcelist
) are closely
coupled with the urllib3 parameters and allows the user to configure request
parameters.
[weblate]
url = https://hosted.weblate.org/api/
retries = 3
method_whitelist = PUT,POST,GET
backoff_factor = 0.2
status_forcelist = 429,500,502,503,504
timeout = 30
[keys]
https://hosted.weblate.org/api/ = APIKEY
The image is published on Docker Hub.
Building locally:
docker build -t weblate/wlc .
Detailed documentation is available in Weblate documentation.
You can use following tags on Docker hub:
Tag name | Description | Use case |
---|---|---|
latest | wlc stable release, matches latest tagged release | Rolling updates in a production environment |
edge | wlc development | Staging environment |
version | wlc stable release, see weblate/wlc | Well defined deploy in a production environment |
Every image is tested by our CI before it gets published, so even the bleeding
version should be quite safe to use.
Contributions are welcome! See documentation for more information.
FAQs
A command-line utility for Weblate, translation tool with tight version control integration
We found that wlc demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
/Security News
Threat actors hijacked Toptal’s GitHub org, publishing npm packages with malicious payloads that steal tokens and attempt to wipe victim systems.
Research
/Security News
Socket researchers investigate 4 malicious npm and PyPI packages with 56,000+ downloads that install surveillance malware.
Security News
The ongoing npm phishing campaign escalates as attackers hijack the popular 'is' package, embedding malware in multiple versions.