Announcing a new Command Line Interface & API

Today we are extremely excited to announce the release of a brand new version of the requireSafe Command Line Interface (CLI).

On the surface it works like the old version, however you will notice a lot of extraneous functionality like logging in or registering has been removed, leaving only the core requiresafe check command in place.

Why did you remove all the goodies?

To be blunt we got a little ahead of ourselves with some features in the beta and decided to burn it down and go back to the basics to make it a better experience for our core use case. Those other features will return with a better experience and more functionality. Follow @requiresafe to find out when new features are released.

What’s new: Output format

The output of the CLI received a lot of attention in this release. The default view is a lot more readable in a vertical instead of a horizontal format. This new view will give you; - The total number of vulnerabilities found - The vulnerability title - The module name and version - The dependency path of which dependency is the cause of the issue - A link to find out more info.

Additional output formats include - none (does what you think it does) - json (outputs in raw json) - [redacted] - Find out more next week

What’s new: Proxy support

A long-awaited feature for many users was proxy support. Now you can easily define a proxy either per project or globally by adding a simple configuration line.

Create a .requiresaferc file with the contents of

{
  "proxy": "https://proxy.example.com:8080"
}

Getting started with the CLI

To install the new command line interface you simple type npm i requiresafe -g

Do the following to check to see if your project dependencies contain known vulnerabilities.

cd your-fantastic-project
requiresafe check

If it found a known vulnerability you will see output in the new format.

If the client found everything to be a-ok, then the output will look like this.

What's next?

The short answer is a lot. The long answer is we aren't ready to share just yet. We have some really cool features, integrations, and ideas planned.

Until then a good way for you to contribute is to use the CLI in all your projects and give us feedback and bug reports as you can.

You might also enjoy reading: