Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
bugout
Advanced tools
Readme
Browser-to-browser networking built on WebTorrent. Web service bug-out bag. Messageboard demo. Bugout demo.
Bugout is a humble attempt to re-decentralize the web a little.
This is a functional prototype. It's pre-alpha quality software. It will allow people to connect directly to your browser from outside your network. Be careful.
Demos | Install | Use | API documentation | Server boilerplate | Deploy headless
Using npm:
npm i bugout
Script tag:
<script src="https://chr15m.github.io/bugout/bugout.min.js"></script>
Clojurescript:
:install-deps false
:npm-deps {"bugout" "chr15m/bugout"}
:foreign-libs [{:file "node_modules/bugout/docs/bugout.min.js"
:provides ["cljsjs.bugout"]
:global-exports {cljsjs.bugout Bugout}}]
(:require [cljsjs.bugout :as Bugout])
var Bugout = require("bugout");
To create a Bugout server that runs in a browser tab:
var b = new Bugout();
// get the server address (public key hash) to share with clients
// this is what clients will use to connect back to this server
alert(b.address());
// register an API call the remote user can make
b.register("ping", function(address, args, callback) {
// modify the passed arguments and reply
args.hello = "Hello from " + b.address();
callback(args);
});
// save this server's session key seed to re-use
localStorage["bugout-server-seed"] = b.seed;
// passing this back in to Bugout() means the
// server-public-key stays the same between reloads
// for example:
// b = new Bugout({seed: localStorage["bugout-server-seed"]});
To start a client connection specify the server's public key to connect to (b.address()
from the server):
var b = new Bugout("server-public-key");
// wait until we see the server
// (can take a minute to tunnel through firewalls etc.)
b.on("server", function(address) {
// once we can see the server
// make an API call on it
b.rpc("ping", {"hello": "world"}, function(result) {
console.log(result);
// {"hello": "world", "pong": true}
// also check result.error
});
});
// save this client instance's session key seed to re-use
localStorage["bugout-seed"] = JSON.stringify(b.seed);
Both clients and servers can interact with other connected clients:
// receive all out-of-band messages from the server
// or from any other another connected client
b.on("message", function(address, message) {
console.log("message from", address, "is", message);
});
// broadcast an unecrypted message to all connected clients
b.send({"hello": "all!"});
// send an encrypted message to a specific client
b.send(clientaddress, "Hello!");
// whenever we see a new client in this swarm
b.on("seen", function(address) {
// e.g. send a message to the client we've seen with this address
});
// you can also close a bugout channel to stop receiving messages etc.
b.close();
Note that you can connect to a generic peer-to-peer swarm without a server by simply using a non-public-key identifier which can be any string as long as it's the same for every client connecting:
var b = new Bugout("some shared swarm identifier");
The quick-start boilerplate server in a single HTML file will quickly get you up and running with your own Bugout server.
See the API documentation for options.
localStorage.debug = "bugout";
Bugout servers can deployed and run inside of browser tabs on long running PCs but you can also deploy them "headless" more like traditional servers. There are a couple of ways of doing that as follows:
Bugout launcher is a nodejs based helper script to launch and run your Bugout servers from the command line using a headless browser instance.
Check out the nodejs demo for an example of running a Bugout service under Node. Note that the wrtc
library is not that stable at the time of writing and running Bugout in headless Chrome or Firefox seems to work better. Bugout servers running inside nodejs obviously won't have access to browser facilities like localStorage.
Subscribe at bugout.network for updates and new releases.
Infected with the FAMGA virus everybody's eating brains. Time to grab yr bugout box & hit the forest.
FAQs
Backend web services over WebRTC.
The npm package bugout receives a total of 11 weekly downloads. As such, bugout popularity was classified as not popular.
We found that bugout demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.