Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
discord-player
Advanced tools
Complete framework to facilitate music commands using discord.js.
$ npm install --save discord-player
$ npm install --save @discordjs/opus
Official FFMPEG Website: https://www.ffmpeg.org/download.html
Node Module (FFMPEG): https://npmjs.com/package/ffmpeg-static
Avconv: https://libav.org/download
First of all, you will need to register slash commands:
const { REST } = require("@discordjs/rest");
const { Routes, ApplicationCommandOptionType } = require("discord.js");
const commands = [
{
name: "play",
description: "Plays a song!",
options: [
{
name: "query",
type: ApplicationCommandOptionType.String,
description: "The song you want to play",
required: true
}
]
}
];
const rest = new REST({ version: "10" }).setToken("BOT_TOKEN");
(async () => {
try {
console.log("Started refreshing application [/] commands.");
await rest.put(Routes.applicationGuildCommands(CLIENT_ID, GUILD_ID), { body: commands });
console.log("Successfully reloaded application [/] commands.");
} catch(error) {
console.error(error);
}
})();
Now you can implement your bot's logic:
const { Client } = require("discord.js");
const client = new Discord.Client({
intents: [
"Guilds",
"GuildVoiceStates"
]
});
const { Player } = require("discord-player");
// Create a new Player (you don't need any API Key)
const player = new Player(client);
// add the trackStart event so when a song will be played this message will be sent
player.on("trackStart", (queue, track) => queue.metadata.channel.send(`🎶 | Now playing **${track.title}**!`))
client.once("ready", () => {
console.log("I'm ready !");
});
client.on("interactionCreate", async (interaction) => {
if (!interaction.isChatInputCommand()) return;
// /play track:Despacito
// will play "Despacito" in the voice channel
if (interaction.commandName === "play") {
if (!interaction.member.voice.channelId) return await interaction.reply({ content: "You are not in a voice channel!", ephemeral: true });
if (interaction.guild.members.me.voice.channelId && interaction.member.voice.channelId !== interaction.guild.members.me.voice.channelId) return await interaction.reply({ content: "You are not in my voice channel!", ephemeral: true });
const query = interaction.options.getString("query");
const queue = player.createQueue(interaction.guild, {
metadata: {
channel: interaction.channel
}
});
// verify vc connection
try {
if (!queue.connection) await queue.connect(interaction.member.voice.channel);
} catch {
queue.destroy();
return await interaction.reply({ content: "Could not join your voice channel!", ephemeral: true });
}
await interaction.deferReply();
const track = await player.search(query, {
requestedBy: interaction.user
}).then(x => x.tracks[0]);
if (!track) return await interaction.followUp({ content: `❌ | Track **${query}** not found!` });
queue.play(track);
return await interaction.followUp({ content: `⏱️ | Loading track **${track.title}**!` });
}
});
client.login("BOT_TOKEN");
By default, discord-player supports YouTube, Spotify and SoundCloud streams only.
Discord Player provides an Extractor API that enables you to use your custom stream extractor with it. Some packages have been made by the community to add new features using this API.
Optional package that adds support for vimeo
, reverbnation
, facebook
, attachment links
and lyrics
.
You just need to install it using npm i --save @discord-player/extractor
(discord-player will automatically detect and use it).
@discord-player/downloader
is an optional package that brings support for +700 websites. The documentation is available here.
These bots are made by the community, they can help you build your own!
Discord Player will by default try to implement this. If smooth volume does not work, you need to add this line at the top of your main file:
// CJS
require("discord-player/smoothVolume");
// ESM
import "discord-player/smoothVolume"
⚠️ Make sure that line is situated at the TOP of your main file.
const player = new Player(client, {
ytdlOptions: {
requestOptions: {
headers: {
cookie: "YOUR_YOUTUBE_COOKIE"
}
}
}
});
const HttpsProxyAgent = require("https-proxy-agent");
// Remove "user:pass@" if you don't need to authenticate to your proxy.
const proxy = "http://user:pass@111.111.111.111:8080";
const agent = HttpsProxyAgent(proxy);
const player = new Player(client, {
ytdlOptions: {
requestOptions: { agent }
}
});
You may also create a simple proxy server and forward requests through it. See https://github.com/http-party/node-http-proxy for more info.
Discord Player by default uses node-ytdl-core for youtube and some other extractors for other sources.
If you need to modify this behavior without touching extractors, you need to use createStream
functionality of discord player.
Here's an example on how you can use play-dl to download youtube streams instead of using ytdl-core.
const playdl = require("play-dl");
// other code
const queue = player.createQueue(..., {
...,
async onBeforeCreateStream(track, source, _queue) {
// only trap youtube source
if (source === "youtube") {
// track here would be youtube track
return (await playdl.stream(track.url, { discordPlayerCompatibility : true })).stream;
// we must return readable stream or void (returning void means telling discord-player to look for default extractor)
}
}
});
<Queue>.onBeforeCreateStream
is called before actually downloading the stream. It is a different concept from extractors, where you are just downloading
streams. source
here will be a video source. Streams from onBeforeCreateStream
are then piped to FFmpeg
and finally sent to Discord voice servers.
FAQs
Complete framework to facilitate music commands using discord.js
The npm package discord-player receives a total of 2,638 weekly downloads. As such, discord-player popularity was classified as popular.
We found that discord-player demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.