Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
appnexus-api
Advanced tools
appnexus-api is an easy-to-use Appnexus client for node.
$ npm install appnexus-api
This library throttle requests to respect Appnexus limits:
See system tests.
Appnexus token is valid for 2 hours. Appnexus recomends to listen for the
"NOAUTH" error and then reauthenticate.
This library does not implement that behavior.
Here is an example of continuous authentication.
var Appnexus = require('appnexus-api'),
reauthenticateEvery = 60*60*1000;
reauthenticateRetry = 500;
(function authenticate() {
self.client.authenticate(function (err, token) {
if (err) {
self.emit('error', err);
setTimeout(authenticate, reauthenticateRetry);
} else {
self.client.token = token;
setTimeout(authenticate, reauthenticateEvery);
}
});
}());
In the example the client try to reauthenticate every hour.
If it fails, it will keep trying retry every 500 ms. Request throttle will prevent
exceeding appnexus authentication request limits.
You can use mocha
with your preferred options or just make test-unit
You can run the system tests against an Appnexus like system.
Before you run them, double check that your environment is set up.
For instance you can create a testing-env.sh
shell script like:
# Appnexus testing environment credentials
export APPNEXUS_USERNAME=johndoe
export APPNEXUS_PASSWORD=secret
export APPNEXUS_ENDPOINT=http://sand.api.appnexus.com
And add it to your working environment with $ . ./testing-env.sh
then
$ npm test
or
$ make test-system
System tests are instrumentalised using the excellent debug library.
FAQs
Appnexus client for node.js
The npm package appnexus-api receives a total of 5 weekly downloads. As such, appnexus-api popularity was classified as not popular.
We found that appnexus-api demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.