Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
cloudevents-sdk
Advanced tools
npm install cloudevents
The CloudEvents SDK for JavaScript.
Note: Supports CloudEvent versions 0.3, 1.0
The CloudEvents SDK requires a current LTS version of Node.js. At the moment those are Node.js 10.x and Node.js 12.x. To install in your Node.js project:
npm install cloudevents-sdk
You can choose almost any popular web framework for port binding. Use an
HTTPReceiver
to process the incoming HTTP request. The receiver accepts
binary and structured events in either the 1.0 or 0.3 protocol formats.
const {
CloudEvent,
HTTPReceiver
} = require("cloudevents-sdk");
// Create a receiver to accept events over HTTP
const receiver = new HTTPReceiver();
// body and headers come from an incoming HTTP request, e.g. express.js
const receivedEvent = receiver.accept(req.body, req.headers);
console.log(receivedEvent.format());
To emit events, you'll need to decide whether the event should be sent in binary or structured format, and determine what version of the CloudEvents specification you want to send the event as.
By default, the HTTPEmitter
will emit events over HTTP POST using the
1.0 specification, in binary mode. You can emit 0.3 events by providing
the specication version in the constructor to HTTPEmitter
. To send
structured events, add that string as a parameter to emitter.sent()
.
const { CloudEvent, HTTPEmitter } = require("cloudevents-sdk");
// With only an endpoint URL, this creates a v1 emitter
const v1Emitter = new HTTPEmitter({
url: "https://cloudevents.io/example"
});
const event = new CloudEvent({
type, source, data
});
// By default, the emitter will send binary events
v1Emitter.send(event).then((response) => {
// handle the response
}).catch(console.error);
// To send a structured event, just add that as an option
v1Emitter.send(event, { mode: "structured" })
.then((response) => {
// handle the response
}).catch(console.error);
// To send an event to an alternate URL, add that as an option
v1Emitter.send(event, { url: "https://alternate.com/api" })
.then((response) => {
// handle the response
}).catch(console.error);
// Sending a v0.3 event works the same, just let the emitter know when
// you create it that you are working with the 0.3 spec
const v03Emitter = new HTTPEmitter({
url: "https://cloudevents.io/example",
version: "0.3"
});
// Again, the default is to send binary events
// To send a structured event or to an alternate URL, provide those
// as parameters in a options object as above
v3Emitter.send(event)
.then((response) => {
// handle the response
}).catch(console.error);
v0.3 | v1.0 | |
---|---|---|
CloudEvents Core | :heavy_check_mark: | :heavy_check_mark: |
AMQP Protocol Binding | :x: | :x: |
AVRO Event Format | :x: | :x: |
HTTP Protocol Binding | :heavy_check_mark: | :heavy_check_mark: |
JSON Event Format | :heavy_check_mark: | :heavy_check_mark: |
Kafka Protocol Binding | :x: | :x: |
NATS Protocol Binding | :x: | :x: |
STAN Protocol Binding | :x: | :x: |
@fabiojose
on slack).We love contributions from the community! Please check the Contributor's Guide for information on how to get involved.
FAQs
CloudEvents SDK for JavaScript
The npm package cloudevents-sdk receives a total of 296 weekly downloads. As such, cloudevents-sdk popularity was classified as not popular.
We found that cloudevents-sdk demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.