Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
connection-manager
Advanced tools
Store, checkout & keepalive active connections from multiple locations in your code-base.
Store and retreive active connections from multiple locations in your code-base, keep connection alive as long as there are references to it. One all references are lost, the connection is terminated using the provided callback.
This module was designed to be used in a situation where a single connection might need to be shared amongst several places in the code, and should be automatically destroyed once there are no more references.
var cm = require('connection-manager')('MY_APPS_CONNECTIONS', {
id: 'unique_to_this_object_instance',
foo: 'bar', // always added to the scope of the callbacks defined below
hello: ['country', 'world', 'universe']
});
cm.create({
id: 'irc://user@irc.freenode.net', // unique identifier
timeout: 10000, // time to wait before cancelling the connect operation
credentials: { // used to connect & re-connect
nick: 'user',
host: 'irc.freenode.net'
},
connect: function (cb) {
conn.on('connect', function (connection) {
cb(null, connection);
});
conn.on('error', function (err) {
cb(err);
});
// attempting to connect...
conn.open(this.credentials);
},
listeners: {
join: function (object) {
// joined channel
console.log(this.scope.hello); // ['country', 'world', 'universe']
},
leave: function (object) {
// left channel
console.log(this.scope.foo); // 'bar'
}
},
addListener: function (name, func) {
// for each listener defined, the addListener function
// is called during a connect or reconnect.
this.connection.on(name, func);
},
removeListener: function (name, func) {
// for each listener defined, the removeListener function
// is called during a connect or reconnect.
this.connection.off(name, func);
},
disconnect: function (cb) {
// disconnect the connection
this.connection.close();
cb();
}
},
function (err, client) {
if (err) {
// error during connection object creation
}
// connection object has been created
console.log('id: ' + client.id); // 'irc://user@irc.freenode.net'
// client.connection is the actual connection object returned
// during the `connect` call
client.connection.send('this is a pretend message for a pretend connection');
// the connection manager will keep a reference count for anyone who's
// fetched the object
console.log('references: ' + client.references); // 1
});
Elsewhere in the code:
var connectionManager = require('connection-manager');
var cm = connectionManager('MY_APPS_CONNECTIONS', {
id: 'this_is_unique_to_this_object_instance',
foo: { bar: 'baz' }, // always added to the scope of the callbacks for this instance
hello: 'goodbye'
});;
var credentials = {
nick: 'user',
host: 'irc.freenode.net'
};
var client = cm.get('irc://user@irc.freenode.net', credentials); // listeners for this scope are added with the above object
console.log('references: ' + client.references); // 2
// if a `join` event happens, the listener callback will be called with the above scope
// so 'goodbye' will be printed
client.connection.send('this is another pretend message');
FAQs
Store, checkout & keepalive active connections from multiple locations in your code-base.
The npm package connection-manager receives a total of 114 weekly downloads. As such, connection-manager popularity was classified as not popular.
We found that connection-manager demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.