Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
@cuenca-mx/cuenca-js
Advanced tools
cuenca-js
is a Javascript library client to use Cuenca's services.
Using npm
:
npm install --save @cuenca-mx/cuenca-js
Using yarn
:
yarn add @cuenca-mx/cuenca-js
To start using the library, the client must be configured with your credentials. Some configurations can be changed to further improve the use of the library:
Configuring the client on constructor The credentials and environment can be set when instantiating the client:
import { Cuenca } from '@cuenca-mx/cuenca-js';
import { Phase } from '@cuenca-mx/cuenca-js/types';
const cuenca = new Cuenca(
'SOME_API_KEY',
'SOME_API_SECRET',
Phase.Stage,
);
Client's configuration
The configuration can be changed after creating it using the configure
method:
import { Cuenca } from '@cuenca-mx/cuenca-js';
import { Phase } from '@cuenca-mx/cuenca-js/types';
const cuenca = new Client();
// The method will require await if `useJwt` is setted to `true`
// because a request is made to Cuenca to create the JWT.
await cuenca.client.configure({
apiKey: 'SOME_API_KEY',
apiSecret: 'SOME_API_SECRET',
loginToken: 'LOGIN_TOKEN',
phase: Phase.Api, // Production environment
useJwt: true,
});
Configuration Name | Description | Default Value |
---|---|---|
apiKey | API Key credential | undefined |
apiSecret | Secret for the API Key | undefined |
phase | Used to change the environment for the client (production, stage or sandbox) | Phase.Sandbox |
loginToken | Login Token, sets X-Cuenca-LoginToken on each request | undefined |
useJwt | If true , it will create a JWT for authentification | false |
After configuring the client, you should login to your user before performing requests on resources:
const login = await cuenca.userLogins.create('111111'); // Use 6 digit password to login
console.log(login); // UserLogin model { id: string, lastLoginAt: Date, success: bool }
Different actions may be performed on each resource depending on which of the following classes they implement:
Name | methods | Description |
---|---|---|
Retrievable | .retrieve(id) | Retrieves the resource's model given an ID |
Creatable | Implementation varies* | Creates the resource from a given data |
Updateable | Implementation varies* | Updates a resource given its ID and data |
Deactivable | Implementation varies* | Deactivates the resource given its ID |
Downloadable | .pdf() , .xml() | Returns the byte string of a document given its ID |
Queryable | .one() , .first() , .count() , .all() | Perform different types of queries on resources |
Name | Actions |
---|---|
accounts | Queryable , Retrievable |
apiKeys | Creatable , Deactivable , Queryable , Retrievable , Updateable |
arpc | Creatable |
accounts | Queryable , Retrievable |
balanceEntries | Queryable , Retrievable |
billPayments | Queryable , Retrievable |
cardActivations | Creatable |
cards | Creatable , Deactivable , Queryable , Retrievable , Updateable |
cardTransactions | Queryable , Retrievable |
cardValidations | Creatable |
commissions | Queryable , Retrievable |
deposits | Queryable , Retrievable |
loginTokens | Creatable |
savings | Creatable , Deactivable , Queryable , Retrievable , Updateable |
serviceProviders | Queryable , Retrievable |
statements | Downloadable , Queryable |
transfers | Creatable , Queryable , Retrievable |
userCredentials | Creatable , Updateable |
userLogins | Creatable , Deactivable |
walletTransactions | Creatable , Queryable , Retrievable |
whatsAppTransfers | Queryable , Retrievable |
import { AccountQuery } from '@cuenca-mx/cuenca-js/types';
let account;
account = await cuenca.accounts.first(); // Returns the first value found on the query
try {
// Throws an error if no result was found or if more than one result were found.
account = await cuenca.accounts.one(
new AccountQuery({
accountNumber: 'SOME_ACCOUNT_NUMBER',
}),
);
} catch (error) {
console.log(error);
}
Please submit an issue and how to replicate it.
Fork the repo and send your PR so we can review it! Any and all help is welcomed, just keep in mind:
Be sure to keep coverage at least 99%
Developed and maintained with 💙 by Cuenca
FAQs
Cuenca client for JS
The npm package @cuenca-mx/cuenca-js receives a total of 1 weekly downloads. As such, @cuenca-mx/cuenca-js popularity was classified as not popular.
We found that @cuenca-mx/cuenca-js demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.