Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@elleciel/react-native-track-player
Advanced tools
A fully fledged audio module created for music apps
A fully-fledged audio module created for music apps. Provides audio playback, external media controls, background mode and more!
Blaze sponsors RNTP by providing super fast Apple Silicon based macOS Github Action Runners. Use the discount code RNTP50
at checkout to get 50% off your first year.
Not sure where to start?
Are you using RNTP for a personal project? Great! Sponsor us if you're able but otherwise you can support us by reporting any bugs you find, sending us screenshots of your projects and starring us on Github 🌟
Are you using RNTP at your organisation and/or making money from it? Awesome! We rely on your support to keep RNTP developed and maintained under the Apache-2.0 license. You can do that through Github Sponsors.
After trying to team up modules like react-native-sound
, react-native-music-controls
and react-native-google-cast
, I've noticed that their structure and the way they should be tied together can cause a lot of problems (mainly on Android). Those can heavily affect the app stability and user experience.
All audio modules (like react-native-sound
) don't play in a separated service on Android, which should only be used for simple audio tracks in the foreground (such as sound effects, voice messages, etc.)
react-native-music-controls
is meant for apps using those audio modules, but it has a few problems: the audio isn't tied directly to the controls. It can be pretty useful for casting (such as Chromecast).
react-native-google-cast
works pretty well and also supports custom receivers, but it has fewer player controls, it's harder to integrate and still uses the Cast SDK v2.
First please take a look at the Getting Started guide, but a basic example of how to play a track:
import TrackPlayer from 'react-native-track-player';
const start = async () => {
// Set up the player
await TrackPlayer.setupPlayer();
// Add a track to the queue
await TrackPlayer.add({
id: 'trackId',
url: require('track.mp3'),
title: 'Track Title',
artist: 'Track Artist',
artwork: require('track.png')
});
// Start playing it
await TrackPlayer.play();
};
start();
David Chavez |
Jacob Spizziri | Jonathan Puckey |
Guilherme Chaguri | Dustin Bahr |
You want this package to be awesome and we want to deliver on that. As you know already you can just File A Ticket, but thats not actually the best way for you to get what you need (read on to see why). The best way is for you to Be A Champion and dive into the code.
The reality is that filing a ticket isn't always enough. This is probably only going to work if your issue aligns with both the interests and the resources available to the core team. Here are the things that align with our interests in order of priority.
Now keep in mind available resources. Long story short, the thing you care about needs to be cared about by either a lot of other people, or by us.
BUT! There's another and, arguably even better way that helps you get what you need faster: Be A Champion.
Being a champion makes it easy for us to help you. Which is what we all want! So how can you be a champion? Sponsor the Project or be willing to write some code.
If you're willing to write some code we're willing to:
So, in a nutshell, let us know you're willing to do the work and ask for a little guidance, and watch the things you care about get done faster than anyone else. The best help will be given to those who are willing to help themselves.
You may be thinking that you can't help because you know nothing about native iOS or Android or maybe even React code. But we're willing to help guide you.
If you're up for that task then we can help you understand native code and how React Native works.
The only way you go from not-knowing to knowing is by learning. Learning isn't something you should be ashamed of nor is it something you should be scared of.
Our goal is to make it as easy as possible for you to make changes to the library. All the documentation on how to work on the library and it's dependencies is located in this Guide
The standard release command for this project is yarn version
.
yarn version [--major | --minor | --patch | --new-version <version>]
Ex.
yarn version --new-version 1.2.17
yarn version --patch // 1.2.17 -> 1.2.18
yarn version --minor // 1.2.18 -> 1.3.0
yarn version --major // 2.0.0
This command will:
You can find us as part of the React Native Track Player:
#introduce-yourself
- Come greet the newest members of this group!#troubleshooting-forum
- Ask members of the community to trouble shoot issues with your app and make recommendations.#show-and-tell
- Tell the community about the app you made with this project!#news-and-releases
- Stay updated about the latest releases and dev efforts on the project.FAQs
A fully fledged audio module created for music apps
The npm package @elleciel/react-native-track-player receives a total of 14 weekly downloads. As such, @elleciel/react-native-track-player popularity was classified as not popular.
We found that @elleciel/react-native-track-player demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.