Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@stoqey/ib
Advanced tools
Interactive Brokers TWS/IB Gateway API client library for Node.js (TS)
@stoqey/ib
is an Interactive Brokers TWS (or IB Gateway) Typescript API client library for Node.js. It is a port of Interactive Brokers' Java Client Version 10.32.01 ("latest" relased on Oct 9, 2024).
Refer to IBKRCampus for the official documentation and the C#/Java/VB/C++/Python client.
The module makes a socket connection to TWS (or IB Gateway) using the net module and all messages are entirely processed in Typescript. It uses EventEmitter to pass the result back to user.
$ npm install @stoqey/ib
or
$ yarn add @stoqey/ib
If you currently use version 1.1.x and want to upgrade to 1.2.x please note that there is a breaking change that might affect your code:
Versions up to 1.1.x did return Number.MAX_VALUE
on values that are not available. This was to be in-sync with the official TWS API Java interfaces. Since the usage of Number.MAX_VALUE
is very uncommon in JScript/TS and caused / causes lot of confusion, all versions starting from 1.2.1 will return undefined
instead.
If you have checked for Number.MAX_VALUE
up to now, you can drop this check. If you have not checked for undefined
yet, you should add it.
Example:
ib.on(EventName.pnlSingle, (
reqId: number,
pos: number,
dailyPnL: number,
unrealizedPnL: number,
realizedPnL: number,
value: number
) => {
...
}
);
now is (look at unrealizedPnL
and realizedPnL
)
ib.on(EventName.pnlSingle, (
reqId: number,
pos: number,
dailyPnL: number,
unrealizedPnL: number | undefined,
realizedPnL: number | undefined,
value: number
) => {
...
}
);
There are two APIs on this package, IBApi and IBApiNext.
IBApi replicates the official TWS API as close as possible, making it easy to migrate or port existing code. It implements all functions and provides same event callbacks as the official TWS API does.
IBApiNext is a preview of a new API that is currently in development. The goal of IBApiNext is it, to provide same functionality as IBApi, but focus on usability rather than replicating the official interface. It is not based on a request/event design anymore, but it does use RxJS instead. IBApiNext still is in preview stage. Not all functions are available yet, and we cannot guarantee stable interfaces (although are we confident that public signatures of already existing functions won't change anymore).
Platform | Port |
---|---|
IB Gateway live account | 4001 |
IB Gateway paper account | 4002 |
TWS Live Account | 7496 |
TWS papertrading account | 7497 |
/* Example: Print all portfolio positions to console. */
import { IBApi, EventName, ErrorCode, Contract } from "@stoqey/ib";
// create IBApi object
const ib = new IBApi({
// clientId: 0,
// host: '127.0.0.1',
port: 7497,
});
// register event handler
let positionsCount = 0;
ib.on(EventName.error, (err: Error, code: ErrorCode, reqId: number) => {
console.error(`${err.message} - code: ${code} - reqId: ${reqId}`);
})
.on(
EventName.position,
(account: string, contract: Contract, pos: number, avgCost?: number) => {
console.log(`${account}: ${pos} x ${contract.symbol} @ ${avgCost}`);
positionsCount++;
},
)
.once(EventName.positionEnd, () => {
console.log(`Total: ${positionsCount} positions.`);
ib.disconnect();
});
// call API functions
ib.connect();
ib.reqPositions();
ib.once(EventName.nextValidId, (orderId: number) => {
const contract: Contract = {
symbol: "AMZN",
exchange: "SMART",
currency: "USD",
secType: SecType.STK,
};
const order: Order = {
orderType: OrderType.LMT,
action: OrderAction.BUY,
lmtPrice: 1,
orderId,
totalQuantity: 1,
account: "YOUR_ACCOUNT_ID",
};
ib.placeOrder(orderId, contract, order);
});
ib.connect();
ib.reqIds();
While IBApi uses a request function / event callback design where subscriptions are managed by the user, IBApiNext does use RxJS 7 to manage subscriptions.
In general, there are two types of functions on IBApiNext:
One-shot functions, returning a Promise, such as IBApiNext.getCurrentTime
or IBApiNext.getContractDetails
. Such functions will send a request to TWS and return the result (or error) on the Promise.
Endless stream subscriptions, returning an Observable, such as IBApiNext.getAccountSummary
or IBApiNext.getMarketData
.
Such functions will deliver an endless stream of update events. The complete
callback will NEVER be invoked (do not try to convert to a Promise - it will never resolve!)
The src/tools folder contains a collection of command line tools to run IBApiNext from command line. Have look on it if you search for IBApiNext sample code.
Example:
node ./dist/tools/account-summary.js -group=All -tags="NetLiquidation,MaintMarginReq" -watch -inc -port=4002
{
"all": [
[
"DU******",
[
[
"MaintMarginReq",
[
[
"EUR",
{
"value": "37688.07",
"ingressTm": 1616849611611
}
]
]
]
]
]
],
"added": [
[
...
! WARNING ! - Make sure to test on papertrading account as tests could contain actions that result in selling and buying financial instruments.
The easiest way to start testing and playing around with the code is to run included IB Gateway docker container. To set it up use following steps.
Copy sample.env
to file .env
yarn
to install dependenciescp sample.env .env
IB_PORT
from 4002
to 4004
if using IB Gateway from docker-compose
(Step 6)yarn build
to compile TypeScript codedocker-compose up
(use flag -d
to run de-attached mode in background). Now the docker instance of IB Gateway should be running.docker-compose down
Once docker is up and running with correct credentials it should be ready to accept connections.
Tests can be run from CLI with jest
tool. Either a single one or multiple tests at once.
Running single/multiple tests
jest src/test/unit/api/api.test.ts
To run multiple, just use path instead of specific file.
To run all tests run the following command.
yarn test
Will be added later once it's stable
Public interfaces, that are planned to be removed, will be marked with a @deprecated.
The @deprecated tag will contain a description or link on how migrate to new API (example: IBApiCreationOptions.clientId).
VSCode will explicitly mark deprecated functions and attributes, so you cannot miss it.
If you write new code, don't use deprecated functions.
If you already use deprecated functions on existing code, migrate to new function on your next code-clean up session. There is no need for immediate change, the deprecated function will
continue to work for a least a half more year, but at some point it will be removed.
IB does regularly release new API versions, so this library will need permanent maintenance in order to stay up-to-date with latest TWS features.
Also, there is not much testing code yet. Ideally there should be at least one test-case for each public function.
In addition to that, a little demo / example app would be nice, to demonstrate API usage (something like a little live-portoflio-viewer app for node.js console?).
Any kind of bugfixes are welcome as well.
If you want to contribute, read the Developer Guide and start coding.
FAQs
Interactive Brokers TWS/IB Gateway API client library for Node.js (TS)
The npm package @stoqey/ib receives a total of 488 weekly downloads. As such, @stoqey/ib popularity was classified as not popular.
We found that @stoqey/ib demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.