Research
Two Malicious Rust Crates Impersonate Popular Logger to Steal Wallet Keys
Socket uncovers malicious Rust crates impersonating fast_log to steal Solana and Ethereum wallet keys from source code.
By Kirill Boychenko - Sep 24, 2025
@suprsend/node-sdk
Advanced tools
suprsend-node-sdk
This package can be included in a node project to easily integrate with Suprsend platform.
Refer full documentation here
We're working towards creating SDK in other languages as well.
Suprsend SDKs available in following languages
- node (
suprsend-node-sdk) - python3 >= 3.7 (
suprsend-py-sdk)
Installation
suprsend-node-sdk is available as npm package. You can install using npm or yarn.
Using npm:
npm install @suprsend/node-sdk
Using yarn:
yarn add @suprsend/node-sdk
Usage
Initialize the Suprsend SDK
const Suprsend = require("@suprsend/node-sdk");
// Initialize SDK
const supr_client = new Suprsend("env_key", "env_secret");
Following example shows a sample request for triggering a workflow.
It triggers a notification to a user with id: distinct_id,
email: user@example.com & androidpush-token: __android_push_token__
using template purchase-made and notification_category system
// Prepare Workflow body
const workflow_body = {
"name": "Purchase Workflow",
"template": "purchase-made",
"notification_category": "system",
"delay": "15m",
"users": [
{
"distinct_id": "0f988f74-6982-41c5-8752-facb6911fb08",
"$email": ["user@example.com"],
"$androidpush": ["__android_push_token__"],
}
],
"data": {
"template": {
"first_name": "User",
"spend_amount": "$10"
},
}
}
// Trigger workflow
const response = supr_client.trigger_workflow(workflow_body); // returns promise
response.then((res) => console.log("response", res));
When you call supr_client.trigger_workflow, the SDK internally makes an HTTP call to SuprSend
Platform to register this request, and you'll receive a promise which resolve to response indicating
the acceptance status.
Note: The actual processing/execution of workflow happens asynchronously.
// If the call succeeds, response will looks like:
{
"success": true,
"status_code": 202,
"message": "Accepted",
}
// In case the call fails. You will receive a response with success=false
{
"success": false,
"status": 400,
"message": "error message",
}
Add attachments
To add one or more Attachments to a Notification (viz. Email, Whatsapp),
call supr_client.add_attachment(...) for each file.
Ensure that file_path is proper, otherwise it will raise error.
// this snippet can be used to add attachment to workflow_body.
const file_path = "/home/user/billing.pdf"
supr_client.add_attachment(workflow_body, file_path);
Attachment structure
The add_attachment(...) call appends below structure to data->'$attachments'
{
"filename": "billing.pdf",
"contentType": "application/pdf",
"data": "Q29uZ3JhdHVsYXRpb25zLCB5b3UgY2FuIGJhc2U2NCBkZWNvZGUh",
}
Where
filename- name of file.contentType- MIME-type of file content.data- base64-encoded content of file.
Keywords
FAQs
Suprsend Node SDK to trigger workflow from backend
The npm package @suprsend/node-sdk receives a total of 4,891 weekly downloads. As such, @suprsend/node-sdk popularity was classified as popular.
We found that @suprsend/node-sdk demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Package last updated on 03 May 2022
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Malicious fezbox npm Package Steals Browser Passwords from Cookies via Innovative QR Code Steganographic Technique
A malicious package uses a QR code as steganography in an innovative technique.
By Olivia Brown - Sep 22, 2025
Research
/Security News
Identifying and Preventing Fraudulent Engineering Candidates: An Investigation into 80 Confirmed Cases
Socket identified 80 fake candidates targeting engineering roles, including suspected North Korean operators, exposing the new reality of hiring as a security function.
By Lauren Valencia, Kirill Boychenko - Sep 17, 2025