Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
@bva/ipgeo
Advanced tools
Readme
IPGeo is a promise based JavaScript wrapper around popular IP Geolocation APIs.
To setup an instance of IPGeo you'll need to import the library and then create an instance from the IPGeo class.
First add it to your repo:
yarn add @bva/ipgeo
Then use it in your JavaScript:
import IPGeo from "@bva/ipgeo";
const geo = new IPGeo();
geo.getGeo().then(data => console.log(data));
When initializing a new IPGeo instance an optional options
argument can be passed to the Class instantiation. The options
argument is an Object
can have the following properties:
Service is the web service you want to use and can be any of the following values:
geojs
(default) - https://www.geojs.io/ipapi
- https://ipapi.co/This method makes a request to the geo service and returns JSON response wrapped in a promise.
Example
geo.getGeo().then(data => console.log(data));
If using GeoJS the above code will log a JSON object that looks like this. Otherwise, it will log the chosen service's JSON structure.
Note: The first call to .getGeo()
will result in an API call which will store the data in sessionStorage under ipgeo
. All subsequent calls will pull data from sessionStorage unless it is not supported in the browser.
This will remove geo data stored in sessionStorage under ipgeo
. If the browser doesn't support it nothing will happen.
The data stored in sessionStorage is under the name ipgeo
and is base64 encoded. To view the actual data you'll need to decode it using atob()
.
Example:
console.log(JSON.parse(atob(sessionStorage.getItem("ipgeo"))));
FAQs
A promise based JavaScript wrapper around popular IP Geolocation APIs
The npm package @bva/ipgeo receives a total of 10 weekly downloads. As such, @bva/ipgeo popularity was classified as not popular.
We found that @bva/ipgeo demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.