Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@types/websocket
Advanced tools
TypeScript definitions for websocket
@types/websocket provides TypeScript type definitions for the 'websocket' npm package, which is a WebSocket client and server library for Node.js. It allows developers to use WebSocket protocol for real-time communication in their applications with type safety.
WebSocket Server
This code sample demonstrates how to set up a WebSocket server using the 'websocket' package. It listens for incoming WebSocket connections, accepts them, and echoes back any received messages.
const WebSocketServer = require('websocket').server;
const http = require('http');
const server = http.createServer((request, response) => {
response.writeHead(404);
response.end();
});
server.listen(8080, () => {
console.log('Server is listening on port 8080');
});
const wsServer = new WebSocketServer({
httpServer: server,
autoAcceptConnections: false
});
wsServer.on('request', (request) => {
const connection = request.accept(null, request.origin);
console.log('Connection accepted.');
connection.on('message', (message) => {
if (message.type === 'utf8') {
console.log('Received Message: ' + message.utf8Data);
connection.sendUTF(message.utf8Data);
}
});
connection.on('close', (reasonCode, description) => {
console.log('Peer ' + connection.remoteAddress + ' disconnected.');
});
});
WebSocket Client
This code sample demonstrates how to set up a WebSocket client using the 'websocket' package. It connects to a WebSocket server, sends random numbers every second, and logs any received messages.
const WebSocketClient = require('websocket').client;
const client = new WebSocketClient();
client.on('connectFailed', (error) => {
console.log('Connect Error: ' + error.toString());
});
client.on('connect', (connection) => {
console.log('WebSocket Client Connected');
connection.on('error', (error) => {
console.log('Connection Error: ' + error.toString());
});
connection.on('close', () => {
console.log('Connection Closed');
});
connection.on('message', (message) => {
if (message.type === 'utf8') {
console.log('Received: ' + message.utf8Data);
}
});
function sendNumber() {
if (connection.connected) {
const number = Math.round(Math.random() * 0xFFFFFF);
connection.sendUTF(number.toString());
setTimeout(sendNumber, 1000);
}
}
sendNumber();
});
client.connect('ws://localhost:8080/', 'echo-protocol');
The 'ws' package is a popular WebSocket implementation for Node.js. It is known for its performance and simplicity. Unlike 'websocket', 'ws' does not include a built-in HTTP server, so you need to handle the HTTP server separately if needed.
The 'socket.io' package provides a real-time communication library that supports WebSocket and fallback options for older browsers. It offers more features than 'websocket', such as rooms, namespaces, and automatic reconnection, but it is heavier and more complex.
npm install --save @types/websocket
This package contains type definitions for websocket (https://github.com/theturtle32/WebSocket-Node).
Files were exported from https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/websocket.
These definitions were written by Paul Loyd, Kay Schecker, Zhao Lei, Sheng Chen, and Matthew Peveler.
FAQs
TypeScript definitions for websocket
The npm package @types/websocket receives a total of 607,618 weekly downloads. As such, @types/websocket popularity was classified as popular.
We found that @types/websocket demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.