Security News
Research
Destructive npm Packages Disguised as Utilities Enable Remote System Wipe
Socket uncovered two npm packages that register hidden HTTP endpoints to delete all files on command.
By Kush Pandya - Jun 05, 2025
🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more →
cabal-client
Advanced tools
cabal-client
cabal-client is a new type of client library for cabal chat clients.
New chat clients can be implemented using only this library, without having
to mess around with cabal-core
anymore.
Some of its features:
- consolidates logic common to all chat clients
- leaving and joining of channels
- virtual messages (such as status messages) and virtual channels (currently only the
!statuschannel) - handling multiple cabal instances
- receiving unread notifications and mentions for channels
- resolving of DNS shortnames (cabal.chat) to cabal keys
For a couple of brief examples, see the examples/ directory.
Usage
See cabal-cli for an example client implementation.
var Client = require('cabal-client')
const client = new Client({
config: {
dbdir: '/tmp/cabals'
}
})
client.createCabal()
.then((cabal) => {
// resolves when the cabal is ready, returns a CabalDetails instance
})
Concepts
cabal-client has three core abstractions:
Client,
CabalDetails and
ChannelDetails.
Client is the
entrypoint. It has a list of CabalDetails (one details for each joined cabal) as well as an API for interacting with
a cabal (getting a count of the new messages for a channel, the joined channels for the current peer etc).
CabalDetails is the
instance that clients mostly operate on, as it encapsulates all information for a particular cabal. (joined channels,
users in that channel, the topic). It also emits events.
When a change has happened, a CabalDetails instance will call this._emitUpdate(). When a client receives this
event, they should update their state & rerender. (Check out how the cli does
it.)
ChannelDetails
encapsulates everything channels (mentions in that channel, status messages for the channel (like having called a
command eg /names, when it was last read, if it's currently being viewed, if it's joined and so on). It also has a
barebones implementation for virtual channels, which currently is only the !status channel.
Install
With npm installed, run
$ npm install cabal-client
Developing
Changelog
See the instructions for generating the changelog in the cabal-core readme.
License
AGPL-3.0-or-later
[8.0.2] - 2024-01-25
Fixed
- Fix race condition preventing message listeners from being set.
FAQs
helper module for cabal clients
The npm package cabal-client receives a total of 11 weekly downloads. As such, cabal-client popularity was classified as not popular.
We found that cabal-client demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Package last updated on 25 Jan 2024
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Security News
Malicious Ruby Gems Exfiltrate Telegram Tokens and Messages Following Vietnam Ban
Malicious Ruby gems typosquat Fastlane plugins to steal Telegram bot tokens, messages, and files, exploiting demand after Vietnam’s Telegram ban.
By Kirill Boychenko - Jun 03, 2025
Research
Security News
Malicious npm Packages Target BSC and Ethereum to Drain Crypto Wallets
Socket uncovered four malicious npm packages that exfiltrate up to 85% of a victim’s Ethereum or BSC wallet using obfuscated JavaScript.
By Olivia Brown - Jun 02, 2025