Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
botbuilder
Advanced tools
Bot Builder is a framework for building rich bots on virtually any platform.
Bot Builder for Node.js is a powerful framework for constructing bots that can handle both freeform interactions and more guided ones where the possibilities are explicitly shown to the user. It is easy to use and models frameworks like Express & Restify to provide developers with a familiar way to write Bots.
To add the latest version of this package to your bot:
npm install --save botbuilder
To get access to the daily builds of this library, configure npm to use the MyGet feed before installing.
npm config set registry https://botbuilder.myget.org/F/botbuilder-v4-js-daily/npm/
To reset the registry in order to get the latest published version, run:
npm config set registry https://registry.npmjs.org/
Bot Builder has everything you need to run a bot on almost any bot platform like the Microsoft Bot Framework, Skype, and Slack. The core library will get your bot online and chatting. Then, extend and connect your Bot Builder app with these plugins:
Plugin | Description |
---|---|
botbuilder-dialogs | Powerful dialog system with dialogs that are isolated and composable, and built-in prompts for simple things like Yes/No, strings, numbers, enumerations. |
botbuilder-ai | Utilize powerful AI frameworks like LUIS and QnA Maker. |
botbuilder-azure | Incorporate Azure services like Cosmos DB and Blob Storage into your bot. |
Read the quickstart guide that will walk you through setting up your Bot Builder app so that you've got a well structured project and all of the tools necessary to develop and extend your bot.
Create a folder for your bot, cd into it, and run npm init.
npm init
Get the BotBuilder and Restify modules using npm.
npm install --save botbuilder
npm install --save restify
Create a file named bot.js and get your bot online with a few lines of code.
const restify = require('restify');
const botbuilder = require('botbuilder');
// Create bot adapter, which defines how the bot sends and receives messages.
var adapter = new botbuilder.BotFrameworkAdapter({
appId: process.env.MicrosoftAppId,
appPassword: process.env.MicrosoftAppPassword
});
// Create HTTP server.
let server = restify.createServer();
server.listen(process.env.port || process.env.PORT || 3978, function () {
console.log(`\n${server.name} listening to ${server.url}`);
console.log(`\nGet Bot Framework Emulator: https://aka.ms/botframework-emulator`);
});
// Listen for incoming requests at /api/messages.
server.post('/api/messages', (req, res) => {
// Use the adapter to process the incoming web request into a TurnContext object.
adapter.processActivity(req, res, async (turnContext) => {
// Do something with this incoming activity!
if (turnContext.activity.type === 'message') {
// Get the user's text
const utterance = turnContext.activity.text;
// send a reply
await turnContext.sendActivity(`I heard you say ${ utterance }`);
}
});
});
Use the Bot Framework Emulator to test your bot on localhost.
Install the emulator from here and then start your bot in a console window.
Start the emulator and say "hello" to your bot.
Deploy your bot to the cloud and then register it with the Azure Bot Service.
Learn how to build great bots.
FAQs
Bot Builder is a framework for building rich bots on virtually any platform.
We found that botbuilder demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.