
@titicaca/ntk-koa-helpers
@titicaca/triple-koa-helpers
For documentation on each module, see the following:
First, set up the server and the application as shown below.
src/index.ts
import * as Sentry from '@sentry/node'
import { Context } from 'koa'
// Assumption: catchUnhandledRejection is exported by @titicaca/ntk-koa-helpers;
// the original snippet calls it without showing its import.
import { catchUnhandledRejection } from '@titicaca/ntk-koa-helpers'

import { SENTRY_DSN, SENTRY_ENV } from './config'
import { createApp } from './app'
import { logger } from './logger'

const PORT = parseInt(process.env.PORT || '3000', 10)

// Initialise Sentry only when a DSN is configured.
if (SENTRY_DSN) {
  Sentry.init({ dsn: SENTRY_DSN, environment: SENTRY_ENV })
}

function main() {
  const koaApp = createApp()

  if (SENTRY_DSN) {
    // Forward Koa 'error' events to Sentry together with the request data.
    koaApp.on(
      'error',
      (
        err,
        ctx: Context & {
          request: Sentry.PolymorphicRequest
        },
      ) => {
        Sentry.withScope((scope) => {
          scope.addEventProcessor((event) =>
            Sentry.addRequestDataToEvent(event, ctx.request),
          )
          Sentry.captureException(err)
        })
      },
    )
  }

  const server = koaApp.listen(PORT, () => {
    // eslint-disable-next-line no-console
    logger.info(`Koa server listening on ${PORT}.`)
  })
  server.keepAliveTimeout = 90 * 1000
}

// NOTE: add the Sentry hook for errors
catchUnhandledRejection(logger, (err) => {
  if (SENTRY_DSN) {
    Sentry.captureException(err)
  }
})

main()
src/app.ts
import Koa from 'koa'
import Router from 'koa-router'
import bodyParser from 'koa-bodyparser'
import {
  responseParserMiddleware,
  catchAppErrorsMiddleware,
} from '@titicaca/ntk-koa-helpers'
import tripleUserKoaMiddleware from '@titicaca/triple-user-auth-middleware'
import { httpLogger } from '@titicaca/ntk-logger'

import { logger } from './logger'
import * as poi from './poi'

const bodyParserMiddleware: Koa.Middleware = bodyParser({
  detectJSON: ({ request: { type } }) => /\bjson$/.test(type),
  enableTypes: ['json'],
  jsonLimit: '1mb', // The default is 1mb. If you need to accept a larger JSON body, change this value.
})

export function createApp() {
  return new Koa()
    .use(
      catchAppErrorsMiddleware(logger, () => {
        console.log('CALLED AFTER HANDLING APP ERROR')
      }),
    ) // Error handler middleware: inject the logger and add a hook (if needed)
    .use(bodyParserMiddleware)
    .use(tripleUserKoaMiddleware)
    .use(httpLogger(logger))
    .use(responseParserMiddleware) // Must be installed as the last middleware.
    .use(
      new Router()
        .get('/health', (context) => {
          context.status = 200
        })
        .routes(),
    )
    .use(routes())
}

function routes() {
  const router = new Router()
  router.use('/pois', poi.routes())
  return router.routes()
}
Below is an example of adding agenda. (Reference: source code)
src/index.ts
import { initAgenda } from './agenda'

async function main() {
  // Start the agenda client before the Koa app is created.
  await initAgenda()
  const koaApp = createApp()
  // ...
}
src/agenda.ts
import { Agenda, Job } from 'agenda'
import { defineJobs } from 'path/to/controller'

import { db } from './mongodb-adapter'
import { logger } from './logger'
// AppError and handleJobFailure are used below but not imported in the original
// snippet; import them from wherever your project defines them.

export const agendaClient = new Agenda({
  mongo: db,
  defaultLockLifetime: 1000 * 60 * 60 * 3, // 3 hours
  defaultConcurrency: 1,
  defaultLockLimit: 50,
})

export async function initAgenda() {
  defineJobs()

  // Normalise and log every failed job, then hand it to the failure handler.
  agendaClient.on('fail', async (err: unknown, job: Job) => {
    const normalizedError = AppError.of({
      code: 'ASYNCHRONOUS_ERROR',
      message: `Job id: ${job.attrs._id}가 실패했습니다.`,
      context: {
        error: err,
        job,
      },
    })
    logger.error(normalizedError)
    // Run retry logic etc.
    await handleJobFailure(job)
  })

  try {
    await agendaClient.start()
  } catch (err) {
    console.error('어젠다 클라이언트를 시작하는데에 실패했습니다:', err)
  }
}
const tripleHttpErrors = require('@titicaca/triple-http-errors');
// TODO: DEMONSTRATE API
FAQs
> TODO: description
We found that @titicaca/ntk-koa-helpers demonstrated an unhealthy version release cadence and project activity because the last version was released a year ago. It has 57 open source maintainers collaborating on the project.