Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
edgedriver
Advanced tools
An NPM wrapper for Microsofts' EdgeDriver. It manages to download various (or the latest) Edgedriver versions and provides a programmatic interface to start and stop it within Node.js. Note: this is a wrapper module. If you discover any bugs with EdgeDriver, please report them in the official repository.
You can install this package via:
npm install edgedriver
Once installed you can start Edgedriver via:
npx edgedriver --port=4444
By default, this package downloads Edgedriver when used for the first time through the CLI or the programmatical interface. If you like to download it as part of the NPM install process, set the EDGEDRIVER_AUTO_INSTALL
environment flag, e.g.:
EDGEDRIVER_AUTO_INSTALL=1 npm i
To get a list of available CLI options run npx edgedriver --help
. By default this package tries to find the Mircosoft Edge version installed on a given system. If you prefer to have it install a custom EdgeDriver version you can define the environment variable EDGEDRIVER_VERSION
when running in CLI, e.g.:
$ npm i edgedriver
$ EDGEDRIVER_VERSION=105.0.1343.33 npx edgedriver --version
Microsoft Edge WebDriver 105.0.1343.33 (4122bb4646b33f33bca5d269490b9caadfc452b2)
Use HTTPS_PROXY
or HTTP_PROXY
to set your proxy URL.
You can import this package with Node.js and start the driver as part of your script and use it e.g. with WebdriverIO.
The package exports a start
, findEdgePath
and download
method.
start
Starts an EdgeDriver instance and returns a ChildProcess
. If EdgeDriver is not downloaded it will download it for you.
Params: EdgedriverParameters
- options to pass into EdgeDriver (see below)
Example:
import { start } from 'edgedriver';
import { remote } from 'webdriverio';
import waitPort from 'wait-port';
/**
* first start EdgeDriver
*/
const cp = await start({ port: 4444 });
/**
* wait for EdgeDriver to be up
*/
await waitPort({ port: 4444 });
/**
* then start WebdriverIO session
*/
const browser = await remote({ capabilities: { browserName: 'msedge' } });
await browser.url('https://webdriver.io');
console.log(await browser.getTitle()); // prints "WebdriverIO · Next-gen browser and mobile automation test framework for Node.js | WebdriverIO"
/**
* kill Edgedriver process
*/
cp.kill();
Note: as you can see in the example above this package does not wait for the driver to be up, you have to manage this yourself through packages like wait-on
.
download
Method to download an EdgeDriver with a particular version. If version parameter is omitted it tries to detect the version based on the Edge browser installed on the system.
Params: string
- version of Edgedriver to download (optional)
Returns: string
- path to Edgedriver binary
findEdgePath
The findEdgePath
is a helper method to find the Microsoft Egde binary on given system. If there is a EDGE_BINARY_PATH
environment set, it will return that value.
Returns: string
- path to Microsoft Edge binary
In case your module uses CJS you can use this package as follows:
const { start } = require('edgedriver')
// see example above
This allows you to use your own endpoints for downloading Edgedriver binaries. It is useful in air gapped scenarios or if you have download restrictions, such as firewalls. You can either set an environment variable:
$ npm i edgedriver
$ EDGEDRIVER_CDNURL=https://msedgedriver.azureedge.net npx edgedriver --version
or create a .npmrc
with the following content:
edgedriver_cdnurl=https://msedgedriver.azureedge.net
The start
method offers the following options to be passed on to the actual Edgedriver CLI.
The version of EdgeDriver to start. See Egdedriver directory list for all available versions, platforms and architecture.
Type: number
Default: latest
The port on which the driver should run.
Example: 9515
Type: number
The port on which the ADB driver should run.
Example: 9515
Type: number
Base URL path prefix for commands, e.g. wd/url
.
Example: /
Type: string
Write server log to file instead of stderr, increases log level to INFO
Type: string
Set log level. Possible options ALL
, DEBUG
, INFO
, WARNING
, SEVERE
, OFF
.
Type: string
Log verbosely (equivalent to --log-level=ALL
)
Type: boolean
Log nothing (equivalent to --log-level=OFF
)
Type: boolean
Append log file instead of rewriting.
Type: boolean
Log verbosely and don't truncate long strings so that the log can be replayed (experimental).
Type: boolean
Add readable timestamps to log.
Type: boolean
Show logs from the browser (overrides other logging options).
Type: boolean
Custom bidi mapper path.
Type: string
Comma-separated allowlist of remote IP addresses which are allowed to connect to EdgeDriver.
Type: string[]
Default: ['']
Comma-separated allowlist of request origins which are allowed to connect to EdgeDriver. Using *
to allow any host origin is dangerous!
Type: string[]
Default: ['*']
The path to the root of the cache directory.
Type: string
Default: process.env.EDGEDRIVER_CACHE_DIR || os.tmpdir()
Don't download EdgeDriver, instead use a custom path to it, e.g. a cached binary.
Type: string
Default: process.env.EDGEDRIVER_PATH
For more information on WebdriverIO see the homepage.
FAQs
Microsofts' EdgeDriver for Node.js
We found that edgedriver demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.