Security News
The Dark Side of Open Source
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
@microsoft/dev-tunnels-ssh
Advanced tools
Readme
A Secure Shell (SSH2) client and server protocol implementation for Node.js and browser environments.
The following features are not implemented in typescript implementation yet, and we have plans to implement the same:
The TypeScript implementation supports either Node.js (>= 14.x) or a browser environment. When running on Node.js, it uses the Node.js built-in crypto module. When running in a browser it uses the Web Crypto API, which is supported by all modern browsers. However note that since script on a web page cannot access native TCP sockets, the standard use of SSH over TCP is not possible; some other stream transport like a websocket may be used.
The optional dev-tunnels-ssh-tcp
and dev-tunnels-ssh-keys
depend on the core dev-tunnels-ssh
package.
FAQs
SSH library for Dev Tunnels
The npm package @microsoft/dev-tunnels-ssh receives a total of 10,726 weekly downloads. As such, @microsoft/dev-tunnels-ssh popularity was classified as popular.
We found that @microsoft/dev-tunnels-ssh demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
Research
Security News
The Socket Research team found this npm package includes code for collecting sensitive developer information, including your operating system username, Git username, and Git email.
Security News
OpenJS is warning of social engineering takeovers targeting open source projects after receiving a credible attempt on the foundation.