
Research
/Security News
Critical Vulnerability in NestJS Devtools: Localhost RCE via Sandbox Escape
A flawed sandbox in @nestjs/devtools-integration lets attackers run code on your machine via CSRF, leading to full Remote Code Execution (RCE).
A command line parser that only needs your help text.
Just write the help text for your application and ParseArgv will take care of your command line. It works sort of the other way around than OptParse, where you write a lot of code to get a command line parser and generated help text. ParseArgv simply takes your help text and parses the command line and presents you the results.
You can use ParseArgv for simpler programs just as well as for CLI with multi-level sub-commands (git-like commands). ParseArgv is easy to use, fast and also helps you convert the data types of command line arguments.
The given help text
usage: test [options] <infile> [<outfile>]
This is just a demonstration.
options:
-f, --format <format> specify the format
--verbose enable verbose mode
-h, --help print this help text
will be interpreted as
-f
or --format
are given--verbose
is given-h
or --help
are givenPlease, see the Gem's help for detailed information, or have a look at the ./examples
directory which contains some commands to play around.
The supported help text syntax and the command line interface syntax are described in the syntax help.
In general you just specify the help text and get the parsed command line:
require 'parse-argv'
args = ParseArgv.from <<~HELP
usage: test [options] <infile> [<outfile>]
This is just a demonstration.
options:
-f, --format <format> specify the format
--verbose enable verbose mode
-h, --help print this help text
HELP
args.verbose?
#=> true, when "--verbose" argument was specified
#=> false, when "--verbose" argument was not specified
args[:infile].as(File, :readable)
#=> file name
args.outfile?
#=> true, when second argument was specified
args.outfile
#=> second argument or nil when not specified
Use Bundler to add ParseArgv in your own project:
Include in your Gemfile
:
gem 'parse-argv'
and install it by running Bundler:
bundle
To install the gem globally use:
gem install parse-argv
After that you need only a single line of code in your project to have it on board:
require 'parse-argv'
FAQs
Unknown package
We found that parse-argv demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
/Security News
A flawed sandbox in @nestjs/devtools-integration lets attackers run code on your machine via CSRF, leading to full Remote Code Execution (RCE).
Product
Customize license detection with Socket’s new license overlays: gain control, reduce noise, and handle edge cases with precision.
Product
Socket now supports Rust and Cargo, offering package search for all users and experimental SBOM generation for enterprise projects.