Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
amqp-wrapper
Advanced tools
A wrapper around https://github.com/squaremo/amqp.node to make consuming and publishing dead easy.
Simple consuming and publishing from/to a RabbitMQ broker.
Allows you to have any number of publish queues, one consume queue and to perform consume and publish operations.
const AMQP = require('amqp-wrapper');
var config = {
url: process.env.AMQP_URL,
exchange: process.env.AMQP_EXCHANGE,
queue: {
name: process.env.AMQP_CONSUME,
routingKey: process.env.AMQP_ROUTING_KEY, // If supplied, queue is bound to
// this key (or keys) on the exchange. NB Can be an array of strings or just
// a string.
options: {/* ... */} // Advanced: options passed to ch.assertQueue() in wrapped `amqplib`.
},
// Set the QOS/prefetch (defaults to 1)
prefetch: 100
};
const amqp = new AMQP(config);
async function main () {
// Must call this before you consume/publish/etc...
await amqp.connect();
// Consuming
var handleMessage = function(message, callback) {
//... Do things
callback();
};
// You must call:
callback(err, requeue)
// in your handleMessage. If `err` !== `null` then the message will be `nack`ed.
// Requeueing will be requeue iff `requeue` is `true`.
// If `err` is `null` then the message is `ack`ed.
// If an exception occurs in handleMessage, then the message is `nack`ed and not requeued.
// Start consuming:
amqp.consume(handleMessage);
// Publishing to arbitrary routing key.
await amqp.publish(routingKey, payload, options);
}
If payload
is an object, it will be turned into JSON.
deadLetterExchange
option which will cause the queue
to be declared with that dead letter exchange.deadLetterExchange
and deadLetterRoutingKey
are special options, in that
as well as being passed through to ch.assertQueue()
to ensure the dead
lettering behaviour occurs, a queue will be declared of the same name with
the -dead-letter
suffix, with a binding declared on the dead letter
exchange for the dead letter routing key. This means that when a message is dead
lettered on that queue it will have somewhere to go without you having to set up
a dead lettering queue manually.This is a wrapper to https://github.com/squaremo/amqp.node (amqplib
).
Start a rabbit server, preferably a 'throw away' one with fresh state. You can do this like so if you have docker:
docker run -d --rm -p 5672:5672 rabbitmq
Wait for it to finish starting up, then:
npm test
Note that tests/config.js
currently assumes you are using boot2docker
(on a
Mac) so you may need to hack that stuff (or it may just work as it should just
use localhost if it's not there... unproven though.)
Class to contain an instantiated connection/channel to AMQP with a given config.
Kind: global class
Promise
Promise
Promise
Promise
Instantiate an AMQP wrapper with a given config.
Param | Type |
---|---|
config | object |
config.url | string |
config.exchange | string |
config.queue | object |
config.queue.name | string |
config.queue.routingKey | Array.<string> | string |
config.queue.options | object |
Promise
Connects, establishes a channel, sets up exchange/queues/bindings/dead lettering.
Kind: instance method of AMQPWrapper
Promise
Closes connection.
Kind: instance method of AMQPWrapper
Promise
Publish a message to the given routing key, with given options.
Kind: instance method of AMQPWrapper
Param | Type |
---|---|
routingKey | string |
message | object | string |
options | object |
Promise
handleMessage() is expected to be of the form: handleMessage(parsedMessage, callback). If callback is called with a non-null error, then the message will be nacked. You can call it like: callback(err, requeue) in order to instruct rabbit whether to requeue the message (or discard/dead letter).
If not given, requeue is assumed to be false.
cf http://squaremo.github.io/amqp.node/doc/channel_api.html#toc_34
Kind: instance method of AMQPWrapper
Param | Type |
---|---|
handleMessage | function |
options | object |
(The MIT License)
Copyright (c) 2014 Noble Samurai
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the 'Software'), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
FAQs
A wrapper around https://github.com/squaremo/amqp.node to make consuming and publishing dead easy.
The npm package amqp-wrapper receives a total of 4 weekly downloads. As such, amqp-wrapper popularity was classified as not popular.
We found that amqp-wrapper demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 7 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.