Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
decooda-media-recorder
Advanced tools
The decooda-media-recorder is a js library for recording video (h.264) and audio (opus) to be used across Decooda's frontend applications. The base component has four main stages: initial, recording, playback, and submission.
Node version v14.8.0 and npm version 6.14.11 are used for development.
First run
npm install
to in install all packages. Finally run
npm start
to open a webpage of the decooda-media-recorder dashboard
In root directory of app:
First run
npm install decooda-media-recorder
Import the library
import MediaRecorder from 'decooda-media-recorder'
The component accepts the following props:
recordingControls || true or false || whether to display controls during video recording
getRecordedBlob || func || function passed by host to library to retrieve the recorded blob
audioOnly || true or false || whether to display audio recording only vs both audio and video
insertTitle || true or false || whether to prompt user for title of media
showLinkBtn || true or false || whether to show insert link button
showUploadBtn || true or false || whether to show upload media button
const getRecordedBlob = (blob) => {
//the func will send the recorded blob obj that the host can save or upload:
//console.log(blob)
/*
output:
{
title: "test"
time: date,
//the raw recorded blob
blobRaw: recordedBlob,
//the blob url
blobURL: url
//the blob as a data url
blobFile: file
}
*/
//do something with blob
}
<MediaRecorder
recordingControls={true}
getRecordedBlob={getRecordedBlob}
audioOnly={false}
insertTitle={false}
showLinkBtn={false}
showUploadBtn={false}
/>
FAQs
Media recorder and player with visualizer bars
We found that decooda-media-recorder demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.