Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
@5app/buslane
Advanced tools
Changelog
Readme
Buslane is a cross-service and transparent object.method proxy, using an rpc-lite json/http1 transport.
The need for this lib came about when we decided to move to docker at 5app. I wanted a simple way to remove our direct code dependencies between services without having to add extra endpoints manually.
With buslane and its RPC like object proxying, you can call methods on remote objects as if they were in the same context. So there is no need to create specific service endpoints either. Just write the configuration and buslane will expose the objects to each other.
This is all still very experimental, so use with caution, I sure am.
Install the buslane package using:
npm install --save @5app/buslane
Now, you will need to create a Buslane instance which you can use to make service1
and service2
communicate:
const Buslane = require('@5app/buslane');
const thisServiceName = 'service1';
const config = {
name: thisServiceName,
shared_api_key: 'my shared secret key',
map: [
{name: 'service2', port: 11211, ingresses: ['boat']},
{name: thisServiceName, port: 11311, ingresses: []},
],
};
const buslane = new Buslane(config);
const rpcResult = await buslane.service2.boat.sail('ocean');
build and run with docker:
docker build -t buslane . && docker run buslane
Buslane 3 uses HTTP1 while Buslane 2 uses HTTP2. The decision on dropping HTTP2 in favour of HTTP1 was made in order to resolve 2 issues:
GOAWAY
(in addition to the current ERR_HTTP2_INVALID_SESSION
).FAQs
buslane is a cross-service and transparent object.method proxy, using an rpc-lite json/http1 transport.
The npm package @5app/buslane receives a total of 128 weekly downloads. As such, @5app/buslane popularity was classified as not popular.
We found that @5app/buslane demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.