Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@stacksjs/tlsx
Advanced tools
bun install -d @stacksjs/tlsx
# or, invoke immediately
bunx @stacksjs/tlsx
npx @stacksjs/tlsx
Please note, we are looking to publish this package to npm under the name tlsx
. Hoping npm will release the name for us.
Alternatively, you can install:
brew install tlsx # wip
pkgx install tlsx # wip
There are two ways of using this reverse proxy: as a library or as a CLI.
Given the npm package is installed:
import { config, generateCert, addCertToSystemTrustStoreAndSaveCerts, storeCert, tls, pki, forge } from '@stacksjs/tlsx'
import type { AddCertOptions, CertOptions, TlsConfig, TlsOptions } from '@stacksjs/tlsx'
// ...
# more docs incoming
tlsx --help
tlsx version
The Reverse Proxy can be configured using a tls.config.ts
(or tls.config.js
) file and it will be automatically loaded when running the tlsx
command.
// tlsx.config.ts (or tlsx.config.js)
import type { TlsConfig } from './src/types'
export default {
ssl: {
altNameIPs: ['127.0.0.1'],
altNameURIs: ['localhost'],
organizationName: 'tlsx stacks.localhost',
countryName: 'US',
stateName: 'California',
localityName: 'Playa Vista',
commonName: 'stacks.localhost',
validityDays: 1,
},
} satisfies TlsConfig
Then run:
tlsx
To learn more, head over to the documentation.
bun test
Please see our releases page for more information on what has changed recently.
Please review the Contributing Guide for details.
For help, discussion about best practices, or any other conversation that would benefit from being searchable:
For casual chit-chat with others using this package:
Join the Stacks Discord Server
Two things are true: Stacks OSS will always stay open-source, and we do love to receive postcards from wherever Stacks is used! 🌍 We also publish them on our website.
Our address: Stacks.js, 12665 Village Ln #2306, Playa Vista, CA 90094, United States 🌎
We would like to extend our thanks to the following sponsors for funding Stacks development. If you are interested in becoming a sponsor, please reach out to us.
The MIT License (MIT). Please see LICENSE for more information.
Made with 💙
FAQs
A TLS/HTTPS library with automation.
We found that @stacksjs/tlsx demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.