Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
NeteaseCloudMusicApi
Advanced tools
网易云音乐 Node.js API service
增加Dockerfile,支持以Docker容器模式运行
添加了proxy功能
用 'request' 重写了请求函数
优化 CORS 设置
添加缓存机制和随机 UA 机制 感谢@u3u issue:77 优化请求代码 感谢 @huhuime issue:83
修复垃圾桶接口
修复红心接口
修复签到接口
增加启动说明页
修复若干细节问题
修复若干问题
增加动态消息接口
修复 mv 排行榜接口崩溃问题
新增点赞接口,更新文档
修复歌手单曲数据空白问题和文档获取歌手单曲url 描述问题,更新文档
增加 mv/专辑/歌单评论接口,增加云盘相关接口,增加获取用户动态/信息接口,增加关注/粉丝列表接口,增加收藏歌单接口,增加相似 mv/歌曲/用户接口,增加 banner 接口,增加刷新登录接口,增加电台相关接口,补充评论接口,更新文档
增加播放 mv 接口,更新文档
增加歌手专辑,歌手单曲等接口,修复/album 接口描述错误,更新文档
增加歌单(网友精选碟),新碟上架,热门歌手等接口,更新文档
增加歌曲详情接口,更新文档
增加排行榜接口,更新文档
增加私人 FM, 喜欢歌曲,垃圾桶,每日签到等接口,更新文档
改善文档
增加获取评论接口以及对应单元测试,增加更新日志
版本升级到 2.0.增加使用文档,完成项目重构,增加更完善的单元测试,升级 api 到 v2+,支持登录并获取用户信息和创建的歌单,可通过获取音乐 url 接口获取用户歌单里的的音乐,获取每日推荐歌单和每日推荐音乐
需要 NodeJS 6.0+ 环境
$ git clone git@github.com:Binaryify/NeteaseCloudMusicApi.git
$ npm install
$ node app.js
服务器启动默认端口为3000,若不想使用3000端口,可使用以下命令: Mac/Linux
$ PORT=4000 node app.js
windows 下使用 git-bash 或者 cmder 等终端执行以下命令:
$ set PORT=4000 && node app.js
docker pull pengxiao/netease-music-api
docker run -d -p 3000:3000 pengxiao/netease-music-api
$ npm test
FAQs
网易云音乐 NodeJS 版 API
The npm package NeteaseCloudMusicApi receives a total of 616 weekly downloads. As such, NeteaseCloudMusicApi popularity was classified as not popular.
We found that NeteaseCloudMusicApi demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.