Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@foxreisxd/dc.js
Advanced tools
discord.js is a powerful Node.js module that allows you to easily interact with the Discord API.
Node.js 12.0.0 or newer is required.
Ignore any warnings about unmet peer dependencies, as they're all optional.
Without voice support: npm install discord.js
With voice support (@discordjs/opus): npm install discord.js @discordjs/opus
With voice support (opusscript): npm install discord.js opusscript
The preferred audio engine is @discordjs/opus, as it performs significantly better than opusscript. When both are available, discord.js will automatically choose @discordjs/opus. Using opusscript is only recommended for development environments where @discordjs/opus is tough to get working. For production bots, using @discordjs/opus should be considered a necessity, especially if they're going to be running on multiple servers.
npm install zlib-sync
)npm install discordapp/erlpack
)npm install sodium
)npm install libsodium-wrappers
)npm install bufferutil
)bufferutil
for much faster WebSocket processing (npm install utf-8-validate
)const Discord = require('discord.js');
const client = new Discord.Client();
client.on('ready', () => {
console.log(`Logged in as ${client.user.tag}!`);
});
client.on('message', msg => {
if (msg.content === 'ping') {
msg.reply('pong');
}
});
client.login('token');
Before creating an issue, please ensure that it hasn't already been reported/suggested, and double-check the
documentation.
See the contribution guide if you'd like to submit a PR.
If you don't understand something in the documentation, you are experiencing problems, or you just need a gentle nudge in the right direction, please don't hesitate to join our official Discord.js Server.
FAQs
A powerful library for interacting with the Discord API
We found that @foxreisxd/dc.js demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.