Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@openstapps/feed-importer
Advanced tools
It's a library (npm package) which makes fetching data of an Atom or RSS feed easier.
In it's core, this is a wrapper for Atom/RSS parsing library feedparser.
Compared to feedparser
, this libary is much simpler to use, in a sense that a developer just needs to provide the URL of a feed, and he is already able to get that feeds items as an array of JavaScript objects.
It's installed easily via npm:
npm install @openstapps/feed-importer
After FeedImporter
class is imported, e.g.:
import {FeedImporter} from '@openstapps/feed-importer';
an object needs to be created, and afterwards we are ready to use its getItems
method:
const feedImporter = new FeedImporter('http://some-url.domain'); // create an object
const feedItems = await feedImporter.getItems();
// do something with the items from the feed
const feedItemsFiltered = await feedImporter.getItems(['title', 'description']);
// after fetching from the feed, items are filtered to contain only 'title' and 'description' properties
If you want to further develop this library or to just see how it works, these are useful commands:
npm install
npm run build
For running tests:
npm run test # or npm test
FAQs
Fetches items from an Atom or RSS feed
The npm package @openstapps/feed-importer receives a total of 0 weekly downloads. As such, @openstapps/feed-importer popularity was classified as not popular.
We found that @openstapps/feed-importer demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.