
Research
/Security News
Weaponizing Discord for Command and Control Across npm, PyPI, and RubyGems.org
Socket researchers uncover how threat actors weaponize Discord across the npm, PyPI, and RubyGems ecosystems to exfiltrate sensitive data.
@firebase/messaging
Advanced tools
This is the messaging component for the Firebase JS SDK. It has a peer dependency on the [`@firebase/app`](https://npm.im/@firebase/app) package on NPM. This package is included by default in the [`firebase`](https://npm.im/firebase) wrapper package.
This is the messaging component for the Firebase JS SDK. It has a peer
dependency on the @firebase/app
package on NPM. This package
is included by default in the firebase
wrapper
package.
You can install this package by running the following in your project:
$ npm install @firebase/messaging
You can then use the firebase namespace exposed by this package as illustrated below:
ES Modules
import firebase from '@firebase/app';
import '@firebase/messaging'
// Do stuff w/ `firebase` and `firebase.messaging`
CommonJS Modules
const firebase = require('@firebase/app').default;
require('@firebase/messaging');
// Do stuff with `firebase` and `firebase.messaging`
For comprehensive documentation please see the Firebase Reference Docs.
OneSignal is a widely used service for sending push notifications. The onesignal-node package is a Node.js client for the OneSignal API, similar to @firebase/messaging in that it allows sending notifications to users. However, it's not tied to Firebase and works with OneSignal's own service, offering a broader range of features specific to notification delivery and user engagement.
Pusher is a service that focuses on building real-time applications with capabilities like WebSockets. The pusher-js package is their JavaScript client that allows for real-time bi-directional communication between web servers and clients. While it offers real-time messaging capabilities, it's more focused on application signaling and less on push notifications compared to @firebase/messaging.
The web-push package is a Node.js library for sending notifications using the Web Push protocol. It supports sending messages to any web push service, making it a versatile choice for web applications. Unlike @firebase/messaging, which is tied to Firebase's ecosystem, web-push is more generic and can be used without any specific backend service, offering more flexibility in how notifications are sent.
FAQs
This is the Firebase Cloud Messaging component of the Firebase JS SDK.
The npm package @firebase/messaging receives a total of 3,388,898 weekly downloads. As such, @firebase/messaging popularity was classified as popular.
We found that @firebase/messaging demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
/Security News
Socket researchers uncover how threat actors weaponize Discord across the npm, PyPI, and RubyGems ecosystems to exfiltrate sensitive data.
Security News
Socket now integrates with Bun 1.3’s Security Scanner API to block risky packages at install time and enforce your organization’s policies in local dev and CI.
Research
The Socket Threat Research Team is tracking weekly intrusions into the npm registry that follow a repeatable adversarial playbook used by North Korean state-sponsored actors.