Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
IPGeo is a promise based JavaScript wrapper around popular IP Geolocation APIs.
To setup an instance of IPGeo you'll need to import the library and then create an instance from the IPGeo class.
First add it to your repo:
yarn add @bva/ipgeo
Then use it in your JavaScript:
import IPGeo from "@bva/ipgeo";
const geo = new IPGeo();
geo.getGeo().then(data => console.log(data));
When initializing a new IPGeo instance an optional options
argument can be passed to the Class instantiation. The options
argument is an Object
can have the following properties:
Service is the web service you want to use and can be any of the following values:
geojs
(default) - https://www.geojs.io/ipapi
- https://ipapi.co/This method makes a request to the geo service and returns JSON response wrapped in a promise.
Example
geo.getGeo().then(data => console.log(data));
If using GeoJS the above code will log a JSON object that looks like this. Otherwise, it will log the chosen service's JSON structure.
Note: The first call to .getGeo()
will result in an API call which will store the data in sessionStorage under ipgeo
. All subsequent calls will pull data from sessionStorage unless it is not supported in the browser.
This will remove geo data stored in sessionStorage under ipgeo
. If the browser doesn't support it nothing will happen.
The data stored in sessionStorage is under the name ipgeo
and is base64 encoded. To view the actual data you'll need to decode it using atob()
.
Example:
console.log(JSON.parse(atob(sessionStorage.getItem("ipgeo"))));
FAQs
A promise based JavaScript wrapper around popular IP Geolocation APIs
The npm package @bva/ipgeo receives a total of 0 weekly downloads. As such, @bva/ipgeo popularity was classified as not popular.
We found that @bva/ipgeo demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.