Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Welcome to the bip.io API Server (Snow 0.4)
bip.io is Billion Instructions Per I/O - For People and Robots.
Imagine you can send a single standard payload and have a limitless host of API's orchestrate at your command.
That's what bip.io does.
Follow @bipioapp on Twitter for regular news and updates.
bip.io is a nodejs based web automation framework that runs 'bips'. A Bip is a web automation agent. A Bip can connect many different web services and perform useful work. It can act on your behalf or perform at your command.
Bips can take actions in sequence or in parallel, and chain web services together as you like. They can be put to work via Web Hooks, Email or Trigger when something happens.
bip.io can be installed alongside your existing open source app or prototype for out-of-band message transformation, feed aggregation, queuing, social network fanout or whatever you like, even on your Raspberry Pi.
This server software is a RESTful JSON API supporting account level namespacing and multiple domains (fqdn) per account. Clients authenticate over HTTP Basic.
bip.io is dynamic, flexible, fast, modular, opinionless and GPLv3 open source.
Find out more in the wiki.
Pods are the standalone service containers bip.io uses to encapsulate and standardize the world's API's. Supported Services are growing fast, and open source.
This server ships with a few handy 'Pods' which you can use right away - Email, Text/HTML/Markdown Templating, Flow Control, Syndication, Web Hooks and Time.
Extra Pods can be found in the master repository.
To install a pod :
npm install bip-pod-{pod-name}
./tools/pod-install.js -a {pod-name}
And follow the instructions.
Feel free to craft your own.
SMTP Bips are available out of the box with a Haraka plugin. Configs under bipio-contrib/haraka.
sudo npm install -g bipio
bipio
sudo npm install bipio
cd node_modules
npm start
git clone git@github.com:bipio-server/bipio.git
cd bipio
npm install
node . (or `npm start`)
The bip.io server is a light weight headless API server and ships without a User Interface (UI). The official UI can be found on the bip.io hosted platform. It's completely free, will run on all desktops and most tablets.
To learn about the UI, the community knowledgebase is the best place to start.
Although bip.io is a hosted cloud platform, you can still use it to manage your own bip.io server with a feature called 'Mounts'
Sign in to bip.io to mount your local install from your browser under My Account > Mounts > Create Mount.
Be sure to answer yes to the SSL question during setup to install a self signed SSL certificate.
Enable SSL? This will let you mount this server from the https://bip.io dashboard :
This will avoid any browser security restrictions when mounting your server via the hosted website. You must visit your bipio server in a browser first and accept the self signed certificate, or the mount may not work eg : https://localhost:5000/status
The UI is a thin client which is loaded entirely into your browser. Once loaded you can reach any bipio server your browser can connect to such as from behind any firewall, over VPN or IP tunnel etc.
When setting bip.io up for the first time, the install process will enter interactive mode, saving the generated config to config/default.json
.
The location of the config file can be overrideen using the NODE_CONFIG_DIR
environment variable.
export NODE_CONFIG_DIR=<path_to_your_config_directory>
Be sure to have a MongoDB server and Rabbit broker ready and available before install. Otherwise, follow the prompts during the install process to get a basically sane server running that you can play with.
For Ubuntu users, a sample upstart script is supplied in config/upstart_bip.conf
which should be copied to
/etc/init
and reconfigured to suit your environment.
If you have a more complex deployment environment and the packaged sparse config doesn't suit, don't worry! Set the environment variable BIPIO_SPARSE_CONFIG
to the path of your preferred config file, and it will use that instead.
For a non-interactive setup (ie: make install without any user interaction) - set environment variable HEADLESS=true
bip.io does not provide any load balancing beyond node-cluster. It can provide SSL termination but this is unsuitable for a production environment. If you need SSL termination this should be delegated to the forward proxy of your choice such as Nginx, Apache, HAProxy etc.
A healthy contributor community is great for everyone! Take a look at the Contribution Document to see how to get your changes merged in.
Please log issues to the repository issue tracker on GitHub.
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
FAQs
API and graph resolver for the bipio content pipeline.
We found that bipio demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.