Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
discord-player
Advanced tools
Discord Player is a robust framework for developing Discord Music bots using JavaScript and TypeScript. It is built on top of the @discordjs/voice library and offers a comprehensive set of customizable tools, making it one of the most feature enrich framework in town.
Discord Player requires Discord.js 14.0 or higher. Please ensure that you have a compatible version by running npm list discord.js
in your terminal. If you're using an earlier version, please update it. The discord.js Guide provides resources to assist you with the update process.
$ npm install --save discord-player # main library
$ npm install --save @discord-player/extractor # extractors provider
Discord Player recognizes
@discord-player/extractor
and loads it automatically by default. Just invokeawait player.extractors.loadDefault()
.
Since Discord only accepts opus packets, you need to install the opus library. Choose one of the following options:
$ npm install --save @discordjs/opus
# or
$ npm install --save opusscript
FFmpeg or Avconv is required for media transcoding. You can obtain it from https://ffmpeg.org or install it via npm (we recommend against using ffmpeg-static or other binaries):
$ npm install --save ffmpeg-static
# or
$ npm install --save @ffmpeg-installer/ffmpeg
# or
$ npm install --save @node-ffmpeg/node-ffmpeg-installer
# or
$ npm install --save ffmpeg-binaries
Use
FFMPEG_PATH
environment variable to load ffmpeg from custom path.
If you want to add support for YouTube playback, you need to install a streaming library. Choose one of the following options:
$ npm install --save ytdl-core
# or
$ npm install --save play-dl
# or
$ npm install --save @distube/ytdl-core
# or
$ npm install --save yt-stream
Once you have completed these installations, let's proceed with writing a simple music bot.
Let's create a main player instance. This instance handles and keeps track of all the queues and its components.
const { Player } = require('discord-player');
// get some extractors if you want to handpick sources
const { SpotifyExtractor, SoundCloudExtractor } = require('@discord-player/extractor');
const client = new Discord.Client({
// Make sure you have 'GuildVoiceStates' intent enabled
intents: ['GuildVoiceStates' /* Other intents */]
});
// this is the entrypoint for discord-player based application
const player = new Player(client);
// This method will load all the extractors from the @discord-player/extractor package
await player.extractors.loadDefault();
// If you dont want to use all of the extractors and register only the required ones manually, use
await player.extractors.register(SpotifyExtractor, {});
await player.extractors.register(SoundCloudExtractor, {});
Discord Player is mostly events based. It emits different events based on the context and actions. Let's add a basic event listener to notify the user when a track starts to play:
// this event is emitted whenever discord-player starts to play a track
player.events.on('playerStart', (queue, track) => {
// we will later define queue.metadata object while creating the queue
queue.metadata.channel.send(`Started playing **${track.title}**!`);
});
Let's move on to the command part. You can define the command as per your requirements. We will only focus on the command handler part:
async function execute(interaction) {
const channel = interaction.message.member.voice.channel;
if (!channel) return interaction.reply('You are not connected to a voice channel!'); // make sure we have a voice channel
const query = interaction.options.getString('query', true); // we need input/query to play
// let's defer the interaction as things can take time to process
await interaction.deferReply();
try {
const { track } = await player.play(channel, query, {
nodeOptions: {
// nodeOptions are the options for guild node (aka your queue in simple word)
metadata: interaction // we can access this metadata object using queue.metadata later on
}
});
return interaction.followUp(`**${track.title}** enqueued!`);
} catch (e) {
// let's return error if something failed
return interaction.followUp(`Something went wrong: ${e}`);
}
}
That's all it takes to build your own music bot. Please check out the Documentation for more features/functionalities.
Explore a curated list of resources built by the Discord Player community, including open-source music bots and extractors. Visit https://discord-player.js.org/showcase for more information.
FAQs
Complete framework to facilitate music commands using discord.js
The npm package discord-player receives a total of 2,638 weekly downloads. As such, discord-player popularity was classified as popular.
We found that discord-player demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.