Research
Recent Trends in Malicious Packages Targeting Discord
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
discord-portable-player
Advanced tools
Readme
Complete framework to facilitate music commands using discord.js.
$ npm install --save discord-portable-player
$ npm install --save @discordjs/opus
A simple & easy to use, beginner friendly package with amazing features such as Audio filters, Custom extractor support & many more!
First of all, you will need to register slash commands:
const { token, clientId } = require('./config.json');
const { Routes, REST, SlashCommandBuilder } = require('discord.js');
const commands = [
new SlashCommandBuilder().setName('play').setDescription('play a song').addStringOption(option => option.setName('query').setDescription('The query to search for').setRequired(true))
].map(command => command.toJSON());
const rest = new REST({ version: '10' }).setToken(token);
(async () => {
try {
console.log('Started refreshing application [/] commands.');
await rest.put(
Routes.applicationCommands(clientId),
{ body: commands },
);
console.log('Successfully reloaded application [/] commands.');
} catch (error) {
console.error(error);
}
})();
Now you can implement your bot's logic:
const { Client, GatewayIntentBits } = require("discord.js");
const client = new Client({ intents: [GatewayIntentBits.Guilds, GatewayIntentBits.GuildMessages, GatewayIntentBits.GuildVoiceStates]});
const { token } = require('./config.json');
const { Player } = require("discord-portable-player");
// Create a new Player (you don't need any API Key)
const player = new Player(client);
client.once("ready", () => {
console.log("I'm ready !");
});
client.on("interactionCreate", async (interaction) => {
if (!interaction.isChatInputCommand()) return;
// /play track: Marshmello - Together
if (interaction.commandName === "play") {
if (!interaction.member.voice.channel) return await interaction.reply({ content: "You are not in a voice channel!", ephemeral: true });
if (interaction.guild.members.me.voice.channel && interaction.member.voice.channel !== interaction.guild.members.me.voice.channel) return await interaction.reply({ content: "You are not in my voice channel!", ephemeral: true });
const query = interaction.options.getString("query")
const queue = player.createGuildQueue({
metadata: interaction.channel,
guild: interaction.guild
});
// Verifies the voice channel
try {
if (!queue.connection) await queue.connect(interaction.member.voice.channel);
} catch {
queue.destroy();
return await interaction.reply({ content: "Could not join your voice channel!", ephemeral: true });
}
await interaction.deferReply();
const track = await player.search(query, {
requestedBy: interaction.user
}).then(x => x.tracks[0]);
if (!track) return await interaction.followUp({ content: `**${query}** not found!` });
queue.play(track);
return await interaction.followUp({ content: `Loading track **${track.title}**!` });
}
});
// add the trackStart event so when a song will be played this message will be sent
player.on("trackStart", (queue, track) => queue.metadata.send(`🎶 | Now playing **${track.title}**!`))
client.login(token);
By default, discord-portable-player supports:
FAQs
Easy to use, framework to facilitate music commands using discord.js
The npm package discord-portable-player receives a total of 63 weekly downloads. As such, discord-portable-player popularity was classified as not popular.
We found that discord-portable-player demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
Security News
Socket CEO Feross Aboukhadijeh joins a16z partners to discuss how modern, sophisticated supply chain attacks require AI-driven defenses and explore the challenges and solutions in leveraging AI for threat detection early in the development life cycle.
Security News
NIST's new AI Risk Management Framework aims to enhance the security and reliability of generative AI systems and address the unique challenges of malicious AI exploits.