Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
bybit-api
Advanced tools
An unofficial node.js lowlevel wrapper for the Bybit Cryptocurrency Derivative exchange API
An unofficial node.js lowlevel wrapper for the Bybit Cryptocurrency Derivative exchange API. Forked from @pxtrn/bybit-api, due to low activity on fixes & improvements.
npm install --save bybit-api
Create API credentials at bybit (obviously you need to be logged in):
Most of the documentation is in Bybit's official API docs. Most of this library's methods accept objects that directly correspond to expectations from Bybit's API docs.
const {RestClient} = require('bybit-api');
const API_KEY = 'xxx';
const PRIVATE_KEY = 'yyy';
const client = new RestClient(API_KEY, PRIVATE_KEY);
client.changeUserLeverage({leverage: 4, symbol: 'ETHUSD'})
.then(result => {
console.log(result);
})
.catch(err => {
console.error(error);
});
See rest client api docs for further information.
const {WebsocketClient} = require('bybit-api');
const API_KEY = 'xxx';
const PRIVATE_KEY = 'yyy';
const ws = new WebsocketClient({key: API_KEY, secret: PRIVATE_KEY});
ws.subscribe(['position', 'execution', 'trade']);
ws.subscribe('kline.BTCUSD.1m');
ws.on('open', function() {
console.log('connection open');
});
ws.on('update', function(message) {
console.log('update', message);
});
ws.on('response', function(response) {
console.log('response', response);
});
ws.on('close', function() {
console.log('connection closed');
});
ws.on('error', function(err) {
console.error('ERR', err);
});
See websocket client api docs for further information.
Pass a custom logger which supports the log methods silly
, debug
, notice
, info
, warning
and error
, or override methods from the default logger as desired:
const { RestClient, WebsocketClient, DefaultLogger } = require('bybit-api');
// Disable all logging on the silly level
DefaultLogger.silly = () => {};
const API_KEY = 'xxx';
const PRIVATE_KEY = 'yyy';
const ws = new WebsocketClient({key: API_KEY, secret: PRIVATE_KEY}, DefaultLogger);
This library was started by @pixtron. If this library helps you to trade better on bybit, feel free to donate a coffee to @pixtron or create a bybit account using his ref link.
1Fh1158pXXudfM6ZrPJJMR7Y5SgZUz4EdF
0x21aEdeC53ab7593b77C9558942f0c9E78131e8d7
LNdHSVtG6UWsriMYLJR3qLdfVNKwJ6GSLF
If you found this project interesting or useful, create accounts with my referral links:
Or feed my coffee addiction using any of these:
1C6GWZL1XW3jrjpPTS863XtZiXL1aTK7Jk
0xd773d8e6a50758e1ada699bb6c4f98bb4abf82da
Contributions are encouraged, I will review any incoming pull requests. See the issues tab for todo items.
FAQs
Complete & robust Node.js SDK for Bybit's REST APIs and WebSockets, with TypeScript & strong end to end tests.
The npm package bybit-api receives a total of 11,271 weekly downloads. As such, bybit-api popularity was classified as popular.
We found that bybit-api demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.