Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
akismet-api
Advanced tools
Nodejs bindings to the Akismet (https://akismet.com) spam detection service
Full Nodejs bindings to the Akismet (https://akismet.com) spam detection service.
Features:
Upgrading to 5.0? The docs have changed a fair bit but everything is backward compatible on supported node versions, so you likely don't need to change anything! Check out the changelog.
These docs below are with ES6 async/await usage, but if you prefer another API you can also use this library with promises or with callbacks!
$ npm install --save akismet-api
Your blog URL and API key are required by Akismet and are all you will need to get started! For a full list of available client parameters and alternative constructors, check out the client documentation.
import { AkismetClient } from 'akismet-api'
const key = 'myKey'
const blog = 'https://myblog.com'
const client = new AkismetClient({ key, blog })
It's a good idea to verify your key before use.
try {
const isValid = await client.verifyKey()
if (isValid) console.log('Valid key!')
else console.log('Invalid key!')
} catch (err) {
console.error('Could not reach Akismet:', err.message)
}
A comment, at the bare minimum, must have the commenter's IP and user agent. You can provide more than that for better accuracy and doing so is strongly recommended. The following is a basic example, but see our documentation on the comment data structure for a complete list of fields you can provide.
const comment = {
ip: '123.123.123.123',
useragent: 'CommentorsAgent 1.0 WebKit',
content: 'Very nice blog! Check out mine!',
email: 'not.a.spammer@gmail.com',
name: 'John Doe'
}
Once you have a comment, we can check it! This tells you if it is spam or not.
If Akismet cannot be reached or returns an error, checkSpam
will throw an
exception.
try {
const isSpam = await client.checkSpam(comment)
if (isSpam) console.log('OMG Spam!')
else console.log('Totally not spam')
} catch (err) {
console.error('Something went wrong:', err.message)
}
If Akismet reports something as not-spam, but it turns out to be spam anyways, we can report this to Akismet to help improve their accuracy in the future.
try {
await client.submitSpam(comment)
console.log('Spam reported!')
} catch (err) {
console.error('Something went wrong:', err.message)
}
If Akismet reports something as spam, but it turns out to not be spam, we can report this to Akismet too.
try {
await client.submitHam(comment)
console.log('Non-spam reported!')
} catch (err) {
console.error('Something went wrong:', err.message)
}
If you are running integration tests on your app with Akismet, you should set
isTest: true
in your comments! That way, your testing data won't affect
Akismet.
To run the library's tests, just use npm test
. To also run the optional
integration tests, include a valid Akismet API key in the AKISMET_KEY
environment variable.
npm test
Author and maintainer is Chris Foster. Development was sponsored by Two Story Robot
Released under the MIT license.
See LICENSE.txt for more information.
FAQs
Nodejs bindings to the Akismet (https://akismet.com) spam detection service
The npm package akismet-api receives a total of 1,391 weekly downloads. As such, akismet-api popularity was classified as popular.
We found that akismet-api demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.