Research
Security News
Malicious npm Package Typosquats react-login-page to Deploy Keylogger
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
@pkmn/client
Advanced tools
Readme
@pkmn/client
Package encapsulating a refactored version of the generic parts of the official Pokémon Showdown's client's engine.
$ npm install @pkmn/client
Note that either @pkmn/dex
or @pkmn/sim
must also be installed to provide
a Dex
implementation.
@pkmn/client
manintains a battle's state based on information contained in the Pokémon Showdown
protocol. A
Battle
can be instantiated with a Dex
implementation and used to track the
state of a battle by add
-ing protocol messages off the wire. The Battle
can then be queried
to determine information about the sides / field / Pokemon involved and their current status. The
state information that can be obtained from the protocol goes beyond the information provided in
the |request|
messages sent from the server and together both provide a more complete view of the
true state of the battle.
import {Battle} from '@pkmn/client';
import {Dex} from '@pkmn/dex';
const battle = new Battle(Dex);
for (const line of lines) {
battle.add(line);
... // manipulate battle
}
The UI integration test serves as an example for how the
@pkmn/client
library can be used to display the results of a battle visually. Note how it makes
use of multiple Handler
's ordered carefully to account for when the Battle
state was
updated. @pkmn/view
's LogFormatter
is an example of
a Handler
which depends on being run before the client's Handler
(and has been designed to
work hand-in-hand with Battle
).
The recommended way of using @pkmn/client
in a web browser is to configure your bundler
(Webpack, Rollup,
Parcel, etc) to minimize it and package it with the rest of your
application.
This package is distributed under the terms of the MIT License. Substantial amounts of the code have been derived from the portions of the Pokémon Showdown client which are distributed under the MIT License.
FAQs
Unknown package
We found that @pkmn/client demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
Security News
The JavaScript community has launched the e18e initiative to improve ecosystem performance by cleaning up dependency trees, speeding up critical parts of the ecosystem, and documenting lighter alternatives to established tools.
Product
Socket now supports four distinct alert actions instead of the previous two, and alert triaging allows users to override the actions taken for all individual alerts.