Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
@vonage/messages
Advanced tools
Multi-channel messaging that integrates WhatsApp, Facebook, Viber, SMS, and MMS
This is the Vonage Messages SDK for Node.js for use with Vonage APIs. To use it you will need a Vonage account. Sign up for free at vonage.com.
We recommend using this package as part of the overall @vonage/server-sdk
package.
For full API documentation refer to developer.nexmo.com.
We recommend using this SDK as part of the overall @vonage/server-sdk
package. Please see the main package for installation.
You can also use this SDK standalone if you only need access to just the Messages API.
npm install @vonage/messages
yarn add @vonage/messages
If you are using this SDK as part of the Vonage Server SDK, you can access it as the messages
property off of the client that you instantiate.
const { Vonage } = require('@vonage/server-sdk');
const vonage = new Vonage({
apiKey: API_KEY,
apiSecret: API_SECRET,
applicationId: APP_ID,
privateKey: PRIVATE_KEY_PATH,
signatureSecret: SIGNATURE_SECRET,
signatureMethod: SIGNATURE_METHOD
}, options);
vonage.messages.send({to: TO_NUMBER, from: FROM_NUMBER: channel: 'sms', text: MESSAGE});
The SDK can be used standalone from the main Vonage Server SDK for Node.js if you only need to use the Messages API. All you need to do is require('@vonage/messages')
, and use the returned object to create your own client.
const { Auth } = require('@vonage/auth');
const { Messages } = require('@vonage/messages');
const messagesClient = new Messages(new Auth({
apiKey: API_KEY,
apiSecret: API_SECRET,
applicationId: APP_ID,
privateKey: PRIVATE_KEY_PATH,
}), options);
apiKey
- API Key from Vonage API. If applicationId
and privateKey
are present, apiKey
is optional.apiSecret
- API Secret from Vonage API. If applicationId
and privateKey
are present, apiSecret
is optional.applicationId
- (optional) The Vonage API Application ID to be used when creating JWTs.privateKey
- (optional) The Private Key to be used when creating JWTs. You can specify the key as any of the following:
options
is an object that can contain:{
// If true, log information to the console
debug: true|false,
// append info the the User-Agent sent to Nexmo
// e.g. pass 'my-app' for /nexmo-node/1.0.0/4.2.7/my-app
appendToUserAgent: string,
// Set a custom logger
logger: {
log: function() {level, args...}
info: function() {args...},
warn: function() {args...}
},
// Set a custom timeout for requests to Nexmo in milliseconds. Defaults to the standard for Node http requests, which is 120,000 ms.
timeout: integer,
// Set a custom host for requests instead of api.nexmo.com
apiHost: string,
// Set a custom host for requests instead of rest.nexmo.com
restHost: string
}
Most methods that interact with the Vonage API uses Promises. You can either resolve these yourself, or use await
to
wait for a response.
const resp = await messagesClient.send({to: TO_NUMBER, from: FROM_NUMBER: channel: 'sms', message_type: 'text', text: MESSAGE});
messagesClient.send({to: TO_NUMBER, from: FROM_NUMBER: channel: 'sms', message_type: 'text', text: MESSAGE})
.then(resp => console.log(resp))
.catch(err => console.error(err));
Run:
npm run test
1.1.1
method
declarationFAQs
Multi-channel messaging that integrates WhatsApp, Facebook, Viber, SMS, and MMS
The npm package @vonage/messages receives a total of 32,209 weekly downloads. As such, @vonage/messages popularity was classified as popular.
We found that @vonage/messages demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.