Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
backtrace-service
Advanced tools
This library consists of a single express.js middleware function. It may contain other common Service Layer related capabilities later.
const btservice = require('backtrace-service');
app.post("${url_prefix}/service", btservice.serviceRequest({
name: 'simple',
secret: 'asdfghjk',
coronerdCallback: (url) => {
console.log('heard from coronerd at: ' + url);
},
}));
The following options are accepted as the sole argument for the call:
log
function which can be logged
to. For example, winston logger instances.Services are expected to configure one or more authentication tokens, which
will be distributed to coronerd instances using the service. While a
service is running, it may receive registration requests at
${url_prefix}/service
, which enable the service to integrate new coronerd
instances on the fly.
Coronerd URLs provided as the url
parameter to coronerdCallback
are the
base URLs, for example, https://backtrace.sp.backtrace.io/
. Services may
expect to append the appropriate resource for their needs, e.g.
/api/config
, to reach that resource on the coronerd instance.
This function is intended as an additional middleware which may be used in
application routes to validate requests that involve a session token issued
by a remote coronerd. The actual call can reuse the same options argument
used for serviceRequest
, although it does not use coronerdCallback
.
In the route middleware list, prior to authenticateRequest
, the
application must attach a req.coronerAuth
object which contains:
For example:
req.coronerAuth = {
url: "https://backtrace.sp.backtrace.io/",
token: "f5af46b8eb32adb860ef46a9e714cfde",
}
This normalized form is used due to the fact that different services take these parameters from clients in different ways.
Middlewares that come after authenticateRequest
will have access to the
validated coronerd /api/config
response in req.coronerAuth.cfg
.
FAQs
Common tools for Backtrace Node services
The npm package backtrace-service receives a total of 452 weekly downloads. As such, backtrace-service popularity was classified as not popular.
We found that backtrace-service demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.