Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@ayesh/geo-ip-database
Advanced tools
Weekly updated database of IP CIDR to Country codes, indexed by the first 1/4th of the IP address
This is an automated repository that downloads and processes GeoLite database from Maxmind GeoLite database, and processes it to be consumed by ayesh/geo-ip
composer package.
This repository only contains the JSON files that other packages (mainly ayesh/geo-ip
) consumes.
This repository is automatically updated on every Monday, and if there are new changes, a new minor version will be tagged and published automatically.
See Ayesh/Geo-IP-Tree-Builder
for the actual parser.
ayesh/geo-ip
package is the main target use case, and that package require
s this repository. If you use ayesh/geo-ip
package, no further action is necessary.
composer require ayesh/geo-ip-database ^1.0.0
npm i @ayesh/geo-ip-database
This repository will be updated and tagged automatically. Make sure to require the ayesh/geo-ip-database
without pinning a specific version (e.g ^1.0.0
), and running npm up
or composer update
should automatically use the newest database version.
This product includes GeoLite2 data created by MaxMind, available from https://www.maxmind.com.
FAQs
Weekly updated database of IP CIDR to Country codes, indexed by the first 1/4th of the IP address
The npm package @ayesh/geo-ip-database receives a total of 142 weekly downloads. As such, @ayesh/geo-ip-database popularity was classified as not popular.
We found that @ayesh/geo-ip-database demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.