Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
@moderation-api/sdk
Advanced tools
Readme
The Moderation API Node library provides convenient access to the Stripe API from applications written in server-side JavaScript.
Use the Moderation API to analyze text and images for offensive content, profanity, toxicity, discrimination, sentiment, language and more - or detect, hide, and extract data entities like emails, phone numbers, addresses and more.
See the moderation-api-node
API docs for Node.js.
Install the package with:
npm install @moderation-api/sdk
# or
yarn add @moderation-api/sdk
The package needs to be configured with your projects's API key, which is available in your Project Dashboard. Instantiate the client with your key:
import ModerationAPi from '@moderation-api/sdk';
const moderationApi = new ModerationAPi({
key: 'proj_...',
});
const analysis = await moderationApi.moderate.text({
value: 'Hello world!',
})
console.log(analysis.flagged)
The client works with TypeScript and is fully typed.
Moderation API can optionally sign the webhook events it sends to your endpoint, allowing you to validate that they were not sent by a third-party. You can read more about it here.
Please note that you must pass the raw request body, exactly as received from Moderation API, to the constructEvent()
function; this will not work with a parsed (i.e., JSON) request body.
Here's what it looks like using Next.js:
import {buffer} from 'micro';
const handler = async (req, res) => {
const webhookRawBody = await buffer(req);
const webhookSignatureHeader = req.headers['modapi-signature'];
const payload = await moderationApi.webhooks.constructEvent(
webhookRawBody,
webhookSignatureHeader,
process.env.MODAPI_WEBHOOK_SECRET
);
};
// disable body parser so we can access raw body
export const config = {
api: {
bodyParser: false,
},
};
export default handler;
New features and bug fixes are released on the latest major version of the @moderation-api/sdk
package. If you are on an older major version, we recommend that you upgrade to the latest in order to use the new features and bug fixes including those for security vulnerabilities. Older major versions of the package will continue to be available for use, but will not be receiving any updates.
Reach out at support@moderationapi.com
FAQs
Automatically moderate your content with Moderation API
The npm package @moderation-api/sdk receives a total of 131 weekly downloads. As such, @moderation-api/sdk popularity was classified as not popular.
We found that @moderation-api/sdk demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.