bfx-api-node-plugin-seq-audit
Advanced tools
bfx-api-node-plugin-seq-audit - npm Package Compare versions
Comparing version 1.0.0 to 1.0.1
| { | ||
| "name": "bfx-api-node-plugin-seq-audit", | ||
| "version": "1.0.0", | ||
| "version": "1.0.1", | ||
| "description": "Automatic sequence number verification plugin for the Bitfinex Node API", | ||
@@ -23,4 +23,7 @@ "engines": { | ||
| ], | ||
| "author": "Bitfinex", | ||
| "contributors": [ | ||
| "Cris Mihalache <cris.m@bitfinex.com> (https://www.bitfinex.com)" | ||
| "Cris Mihalache <cris.m@bitfinex.com> (https://www.bitfinex.com)", | ||
| "Jacob Plaster <jacob.plaster@bitfinex.com> (https://www.bitfinex.com)", | ||
| "Paolo Ardoino <paolo@bitfinex.com> (https://www.bitfinex.com)" | ||
| ], | ||
@@ -31,14 +34,15 @@ "license": "MIT", | ||
| }, | ||
| "dependencies": { | ||
| "bfx-api-node-core": "git+http://github.com/bitfinexcom/bfx-api-node-core.git#semver:^1.1.0", | ||
| "bfx-api-node-models": "git+http://github.com/bitfinexcom/bfx-api-node-models.git#semver:^1.0.12", | ||
| "bluebird": "^3.5.5", | ||
| "debug": "^4.1.1", | ||
| "lodash": "^4.17.15" | ||
| }, | ||
| "devDependencies": { | ||
| "chai": "^3.4.1", | ||
| "mocha": "^3.4.2", | ||
| "standard": "^10.0.2" | ||
| }, | ||
| "dependencies": { | ||
| "bluebird": "^3.5.1", | ||
| "debug": "^2.2.0", | ||
| "lodash": "^4.17.4", | ||
| "bfx-api-node-models": "^1.0.0", | ||
| "bfx-api-node-core": "^1.0.0" | ||
| "babel-eslint": "^10.0.3", | ||
| "chai": "^4.2.0", | ||
| "mocha": "^6.2.0", | ||
| "standard": "^14.1.0" | ||
| } | ||
| } |
@@ -1,3 +0,37 @@ | ||
| # bfx-api-node-plugin-seq-audit | ||
| # Bitfinex Node API Sequence Number Audit Plugin | ||
| [](https://travis-ci.org/bitfinexcom/bfx-api-node-plugin-seq-audit) | ||
| This plugin enables the sequence reporting flag upon connecting, and emits an `error` event upon receiving an invalid sequence number. | ||
| Note that the manager proxies the event as `ws2:error`. If subscribing on a socket instance (`wsState.ev.on(...)`) use the internal event name, otherwise use the manager name with `manager.onWS(...)`. | ||
| ### Example | ||
| ```js | ||
| 'use strict' | ||
| process.env.DEBUG = '*' | ||
| const debug = require('debug')('bfx:api:plugins:seq-audit:example') | ||
| const { Manager, subscribe } = require('bfx-api-node-core') | ||
| const SeqAuditPlugin = require('../') | ||
| const SYMBOL = 'tBTCUSD' | ||
| const mgr = new Manager({ | ||
| transform: true, | ||
| plugins: [SeqAuditPlugin()] | ||
| }) | ||
| mgr.onWS('open', {}, () => debug('connection open')) | ||
| // Catch checksum errors | ||
| mgr.onWS('ws2:error', {}, (err) => { | ||
| if (err.message.match(/invalid(.*)seq/)) { | ||
| debug('recv invalid seq # error: %s', err.message) | ||
| } | ||
| }) | ||
| const wsState = mgr.openWS() | ||
| subscribe(wsState, 'trades', { symbol: SYMBOL }) | ||
| ``` |
Sorry, the diff of this file is not supported yet
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Git dependency
Supply chain riskContains a dependency which resolves to a remote git URL. Dependencies fetched from git URLs are not immutable and can be used to inject untrusted code or reduce the likelihood of a reproducible install.
Found 2 instances in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by92.37%
11142
- Number of package files
- increased by100%
18
- Lines of code
- increased by116.24%
253
- Number of lines in readme file
- increased by850%
38
Worsened metrics
- Dev dependency count
- increased by33.33%
4
- Number of high supply chain risk alerts
- increased byInfinity%
2
- Number of low supply chain risk alerts
- increased byInfinity%
1
- Number of medium supply chain risk alerts
- increased byInfinity%
1
Dependency changes
- Removedansi-regex@2.1.1(transitive)
- Removedansi-styles@2.2.1(transitive)
- Removedasn1@0.2.6(transitive)
- Removedassert-plus@0.2.01.0.0(transitive)
- Removedasync@2.6.4(transitive)
- Removedaws-sign2@0.6.0(transitive)
- Removedbcrypt-pbkdf@1.0.2(transitive)
- Removedbfx-api-node-core@1.6.1(transitive)
- Removedbfx-api-node-models@1.8.2(transitive)
- Removedbfx-api-node-rest@4.6.1(transitive)
- Removedbfx-api-node-util@1.0.12(transitive)
- Removedbfx-api-node-ws1@1.0.4(transitive)
- Removedbignumber.js@9.1.2(transitive)
- Removedbl@1.0.3(transitive)
- Removedbluebird@3.5.5(transitive)
- Removedboom@2.10.1(transitive)
- Removedcaseless@0.11.0(transitive)
- Removedchalk@1.1.3(transitive)
- Removedcombined-stream@1.0.8(transitive)
- Removedcommander@2.20.3(transitive)
- Removedcore-util-is@1.0.21.0.3(transitive)
- Removedcrc-32@1.2.0(transitive)
- Removedcryptiles@2.0.5(transitive)
- Removeddashdash@1.14.1(transitive)
- Removeddebug@2.6.94.1.1(transitive)
- Removeddelayed-stream@1.0.0(transitive)
- Removedecc-jsbn@0.1.2(transitive)
- Removedescape-string-regexp@1.0.5(transitive)
- Removedexit-on-epipe@1.0.1(transitive)
- Removedextend@3.0.2(transitive)
- Removedextsprintf@1.3.0(transitive)
- Removedforever-agent@0.6.1(transitive)
- Removedform-data@1.0.1(transitive)
- Removedgenerate-function@2.3.1(transitive)
- Removedgenerate-object-property@1.2.0(transitive)
- Removedgetpass@0.1.7(transitive)
- Removedhar-validator@2.0.6(transitive)
- Removedhas-ansi@2.0.0(transitive)
- Removedhawk@3.1.3(transitive)
- Removedhoek@2.16.3(transitive)
- Removedhttp-signature@1.1.1(transitive)
- Removedinherits@2.0.4(transitive)
- Removedis-my-ip-valid@1.0.1(transitive)
- Removedis-my-json-valid@2.20.6(transitive)
- Removedis-property@1.0.2(transitive)
- Removedis-typedarray@1.0.0(transitive)
- Removedisarray@1.0.0(transitive)
- Removedisstream@0.1.2(transitive)
- Removedjsbn@0.1.1(transitive)
- Removedjson-schema@0.4.0(transitive)
- Removedjson-stringify-safe@5.0.1(transitive)
- Removedjsonpointer@5.0.1(transitive)
- Removedjsprim@1.4.2(transitive)
- Removedmime-db@1.52.0(transitive)
- Removedmime-types@2.1.35(transitive)
- Removedms@2.0.0(transitive)
- Removednode-uuid@1.4.8(transitive)
- Removedoauth-sign@0.8.2(transitive)
- Removedpinkie@2.0.4(transitive)
- Removedpinkie-promise@2.0.1(transitive)
- Removedprintj@1.1.2(transitive)
- Removedprocess-nextick-args@1.0.7(transitive)
- Removedqs@5.2.1(transitive)
- Removedreadable-stream@2.0.6(transitive)
- Removedrequest@2.67.0(transitive)
- Removedrequest-promise@4.2.0(transitive)
- Removedrequest-promise-core@1.1.1(transitive)
- Removedsafe-buffer@5.0.1(transitive)
- Removedsafer-buffer@2.1.2(transitive)
- Removedsntp@1.0.9(transitive)
- Removedsshpk@1.18.0(transitive)
- Removedstealthy-require@1.1.1(transitive)
- Removedstring_decoder@0.10.31(transitive)
- Removedstringstream@0.0.6(transitive)
- Removedstrip-ansi@3.0.1(transitive)
- Removedsupports-color@2.0.0(transitive)
- Removedtough-cookie@2.2.2(transitive)
- Removedtunnel-agent@0.4.3(transitive)
- Removedtweetnacl@0.14.5(transitive)
- Removedultron@1.1.1(transitive)
- Removedutil-deprecate@1.0.2(transitive)
- Removedverror@1.10.0(transitive)
- Removedws@3.0.08.18.0(transitive)
- Removedxtend@4.0.2(transitive)
Updatedbfx-api-node-core@git+http://github.com/bitfinexcom/bfx-api-node-core.git#semver:^1.1.0
Updatedbfx-api-node-models@git+http://github.com/bitfinexcom/bfx-api-node-models.git#semver:^1.0.12
Updatedbluebird@^3.5.5
Updateddebug@^4.1.1
Updatedlodash@^4.17.15