Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
bybit-api
Advanced tools
A production-ready Node.js connector for the Bybit APIs and WebSockets.
npm install --save bybit-api
Create API credentials at Bybit
Most methods accept JS objects. These can be populated using parameters specified by Bybit's API documentation.
const {RestClient} = require('bybit-api');
const API_KEY = 'xxx';
const PRIVATE_KEY = 'yyy';
const client = new RestClient(API_KEY, PRIVATE_KEY);
client.changeUserLeverage({leverage: 4, symbol: 'ETHUSD'})
.then(result => {
console.log(result);
})
.catch(err => {
console.error(err);
});
See inverse rest-client.js for further information.
const {WebsocketClient} = require('bybit-api');
const API_KEY = 'xxx';
const PRIVATE_KEY = 'yyy';
const wsConfig = {
key: API_KEY,
secret: PRIVATE_KEY,
// The following parameters are optional:
// defaults to false == testnet. set to true for livenet.
// livenet: true
// override which URL to use for websocket connections
// wsUrl: 'wss://stream.bytick.com/realtime'
// how often to check (in ms) that WS connection is still alive
// pingInterval: 10000,
// how long to wait (in ms) before deciding the connection should be terminated & reconnected
// pongTimeout: 1000,
// how long to wait before attempting to reconnect (in ms) after connection is closed
// reconnectTimeout: 500,
// config options sent to RestClient (used for time sync). See RestClient docs.
// restOptions: { },
// config for axios to pass to RestClient. E.g for proxy support
// requestOptions: { }
};
const ws = new WebsocketClient(wsConfig);
ws.subscribe(['position', 'execution', 'trade']);
ws.subscribe('kline.BTCUSD.1m');
ws.on('open', () => {
console.log('connection open');
});
ws.on('update', message => {
console.log('update', message);
});
ws.on('response', response => {
console.log('response', response);
});
ws.on('close', () => {
console.log('connection closed');
});
ws.on('error', err => {
console.error('ERR', err);
});
See inverse websocket-client.js & ws api docs for further information.
Pass a custom logger which supports the log methods silly
, debug
, notice
, info
, warning
and error
, or override methods from the default logger as desired:
const { RestClient, WebsocketClient, DefaultLogger } = require('bybit-api');
// Disable all logging on the silly level
DefaultLogger.silly = () => {};
const ws = new WebsocketClient({key: 'xxx', secret: 'yyy'}, DefaultLogger);
If you found this project interesting or useful, create accounts with my referral links:
Or buy me a coffee using any of these:
1C6GWZL1XW3jrjpPTS863XtZiXL1aTK7Jk
0xd773d8e6a50758e1ada699bb6c4f98bb4abf82da
The original library was started by @pixtron. If this library helps you to trade better on bybit, feel free to donate a coffee to @pixtron:
1Fh1158pXXudfM6ZrPJJMR7Y5SgZUz4EdF
0x21aEdeC53ab7593b77C9558942f0c9E78131e8d7
LNdHSVtG6UWsriMYLJR3qLdfVNKwJ6GSLF
Contributions are encouraged, I will review any incoming pull requests. See the issues tab for todo items.
FAQs
Complete & robust Node.js SDK for Bybit's REST APIs and WebSockets, with TypeScript & strong end to end tests.
The npm package bybit-api receives a total of 4,412 weekly downloads. As such, bybit-api popularity was classified as popular.
We found that bybit-api demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.