Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
transport agnostic strongly typed duplex rpc interfaces
🔧 Install · 🧩 Example · 📜 API docs · 🔥 Releases · 💪🏼 Contribute · 🖐️ Help
$ npm i alice-bob
// alice
import { fork } from 'child_process'
import { join } from 'path'
import { Alice } from 'alice-bob'
// we import Bob's interface and call it Remote
// bob will show as Agent<Remote> in intellisense
import type { Interface as Remote } from './bob'
export interface Interface {
hiya: (message: { from: string }) => Promise<void>
}
// for intellisense reasons we alias our interface to `Local`
// so that alice shows as Agent<Local> and bob as Agent<Remote>
type Local = Interface
// start bob
const child = fork(join(__dirname, 'bob'))
// create an Alice instance with given `send` function as the
// constructor parameter. Note that Alice, Bob both inherit from
// the AliceBob class, the only thing they change is they have
// the names "alice" and "bob" preconfigured in their agents
const [alice, bob] = new Alice<Local, Remote>(
data => void child.send(data)
).agents()
// all messages from bob passed to alice.receive
child.on('message', alice.receive)
// we can set debug=true|false at any time
alice.debug = true
// methods can be added also lazily at any time at any scope..
alice.hiya = async ({ from }) => {
alice.log(from, 'says: hiya!')
// => alice: bob says: hiya!
// `agent.log()` prepends the agent's name to the output
}
const sayHello = async () => {
const result = await bob.hello('there', { iam: alice.name })
alice.log('bob responded with:', result)
// => alice: bob responded with: hi alice
process.exit(0)
}
sayHello()
// bob
import { Bob } from 'alice-bob'
import type { Interface as Remote } from './alice'
export interface Interface {
hello: (message: string, data: { iam: string }) => Promise<string>
}
type Local = Interface
const [bob, alice] = new Bob<Local, Remote>().agents({ debug: true })
// we connect our transport in just these two lines
process.on('message', bob.receive)
// send method can be provided at any time
bob.send = data => void process.send!(data)
bob.hello = async (message, { iam }) => {
bob.log(iam + ' says: hello ' + message)
// we can call alice methods as well
await alice.hiya({ from: 'bob' })
// if we throw here the remote's `await`
// will throw as well with this message
// throw new Error('failed :(')
return 'hi ' + iam
}
Payload.
Payload id.
Type: number
Method to call.
The arguments passed to the method.
Type: Array<any>
Agent.
Type: any
Whether or not to log debugging information.
Type: boolean
The name of the agent. Defaults to either 'alice' or 'bob' depending on the constructor used, Alice or Bob.
Type: string
The send method overriden by the user to any transport.
Type: PayloadMethod
Returns the send method. Used in contexts where it might change between sessions, like browser refresh/hot/livereload.
Type: function (): PayloadMethod
Overridable logging function. Defaults to console.log()
and prepends agent.name
.
Type: function (...args: Array<any>): void
AliceBob class.
send
PayloadMethod? The send
payload method provided by the user. Will be called with a payload to be sent.The local Agent.
Type: Agent<A>
The remote Agent.
Type: Agent<B>
Returns the agents tuple [alice, bob]
.
Example:
const [alice, bob] = new Alice<Local, Remote>().agents()
options
AgentsOptions (optional, default {debug:false}
)
options.debug
Whether to enable debugging. (optional, default false
)Extends AliceBob
Alice class.
send
PayloadMethod? The send
payload method provided by the user. Will be called with a payload to be sent.Extends AliceBob
Bob class.
send
PayloadMethod? The send
payload method provided by the user. Will be called with a payload to be sent.All contributions are welcome!
MIT © 2021 stagas
FAQs
transport agnostic strongly typed duplex rpc interfaces
The npm package alice-bob receives a total of 0 weekly downloads. As such, alice-bob popularity was classified as not popular.
We found that alice-bob demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.