1. In its early development, `x-cmd` was designed to integrate its modules directly into the shell's namespace. This approach meant that common commands, such as `ping`, could potentially be overridden to run `x ping`, leading to conflicts and behavior.
2. Recognizing these potential issues, we decided to retain the `x` prefix for all `x-cmd` commands. This ensures clarity and prevents namespace pollution. The `x` is intentionally short and acts as a dedicated namespace for `x-cmd`'s features.
I think this will provide a kind of flexibility for our users. Users could try something new or interesting using x-cmd script. But if these sripts fail, users could alway return to the mature original command and finish the tasks.
Future versions of `x-cmd` will introduce a comprehensive cross-shell shortcut configuration system, empowering users to easily manage their personalized command shortcuts.
1. X-CMD is a shell library. `install` and `pkg` are just one module in this shell library. X-CMD also uses shell scripting to enhance interaction with `pixi` and `asdf`, these work are also encapsulated into an invidual module.
2. All X-CMD code is hosted on the `main` branch. You can find direct links to each module's source code by browsing the modules section on our website: https://x-cmd.com/mod/env.
3. As a team based in China, we are continuously working to improve our English documentation. Our current priority is to first refine the Chinese documentation, which will then serve as the foundation for more accurate and comprehensive English translations.
4. All of the packages managed by x-cmd team, we collect them from developer official sources. Not maintained by third party contributors.
I understand your concern and have consulted with the author.
When using the Nextrace API for IP geolocation, Nextrace performs Proof-of-Work (PoW) authentication first. Therefore, the website counts only these authentication requests.
Consequently, the statistics do not include requests using other IP APIs.
CVE information in NVD json format (e.g if you already have existing code which supports NVD json format)
CVSS scores for CVEs, including scores both from NVD and other sources
EPSS history for CVEs
Emerging CVEs
Data mentioning CVEs
Full-text search in CVE data
Open source vulnerabilities
Open source packages
Open source vulnerability details in OSSF format
Generic data listing and details: All data types in our database (e.g CVEs, OSV, web pages, advisories etc) in a common internal format
Tags for any data entry
IP address search
Domain facets: Attack surface summary for your domain
Domain IP list: IP addresses attributed to your domain
IP CPE list: CPEs, products, discovered on a given list of IP addresses
Noto is a collection of high-quality fonts with multiple weights and widths in sans, serif, mono, and other styles. The Noto fonts are perfect for harmonious, aesthetic, and typographically correct global communication, in more than 1,000 languages and over 150 writing systems.
"Noto" means "I write, I mark, I note" in Latin. The name is also short for "no tofu", as the project aims to eliminate 'tofu': blank rectangles shown when no font is available for your text.
Thank you for sharing this information. I am also applying for membership and am eager to see Codeberg succeed.
However, I am concerned about the long-term sustainability of Codeberg, especially if it plans to support CI (which is resource-intensive) and attract a significantly larger user base.
Similarweb statistics indicate a substantial difference in traffic between Codeberg and GitHub. While Codeberg has approximately 2 million page views (700.8K visits * 2.78 pages/visits) per month, GitHub boasts over 2.7 billion (462.4M visits * 6 pages/visits). This translates to Codeberg having roughly 0.1% of GitHub's traffic.
If Codeberg aims to reach even 10% of GitHub's traffic, the operational costs would likely increase by a factor of 100 or much more ( almost certain ). Has Codeberg internally addressed this scalability challenge and outlined strategies for managing such growth? What are Codeberg's long-term goals in terms of user base and features, and how do they plan to balance these aspirations with sustainability?
1. X-cmd aggregates all known installation methods, sourced from the community and official documentation ( including apt, dnf, ... curl), and presents them in an interactive list.
2. It is the decision for the user to CHOOSE the installation method that best suits the situation. Whether it's apt, dnf, or any other method, x-cmd always puts user in control.
As a former operation engineer, I often encountered situations where installing a simple tool, like jq, on a client's server required unnecessary sudo privileges. Even worse, some software installations demanded extensive dependency upgrades, potentially destabilizing the entire system.
To address this, I developed x-cmd/pkg, a tool management system that prioritizes portable tools.
This approach eliminates the need for the unecessary privileged access and minimizes the impact on the original system.
X-cmd also offers other methods for installing portable software from the community: like asdf, cosmo. It is all user's decision.
About the LLM, there won't be a code to eval without user's confirmation.
X-CMD won't be a powerful framework like Langchain; it's just a simple command-line interface (CLI) that uses CURL.
Large language models (LLMs) may be used to generate commands, but no code will be executed without explicit user confirmation. User safety and control are top priorities.
We prioritize transparency by open-sourcing our code and providing best-effort documentation and demo.
When operating in the field, you're not executing opaque binary code, but rather human-readable POSIX shell scripts. This allows you to fully understand the actions being performed when necessary.
command to query CVE-2024-38355 in x-cmd shodan CLI
$ x shodan cve CVE-2024-38355
This is the result:
Socket.IO is an open source, real-time, bidirectional, event-based, communication framework. A specially crafted Socket.IO packet can trigger an uncaught exception on the Socket.IO server, thus killing the Node.js process. This issue is fixed by commit `15af22fc22` which has been included in `[email protected]` (released in May 2023). The fix was backported in the 2.x branch as well with commit `d30630ba10`. Users are advised to upgrade. Users unable to upgrade may attach a listener for the "error" event to catch these errors.
1. In its early development, `x-cmd` was designed to integrate its modules directly into the shell's namespace. This approach meant that common commands, such as `ping`, could potentially be overridden to run `x ping`, leading to conflicts and behavior. 2. Recognizing these potential issues, we decided to retain the `x` prefix for all `x-cmd` commands. This ensures clarity and prevents namespace pollution. The `x` is intentionally short and acts as a dedicated namespace for `x-cmd`'s features.
I think this will provide a kind of flexibility for our users. Users could try something new or interesting using x-cmd script. But if these sripts fail, users could alway return to the mature original command and finish the tasks.
Future versions of `x-cmd` will introduce a comprehensive cross-shell shortcut configuration system, empowering users to easily manage their personalized command shortcuts.