Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
energyhub-events
Advanced tools
An attempted solution for the [EnergyHub Coding Sample](https://gist.github.com/lseidman3/8951d958d345da5b2262a929315e6b40).
An attempted solution for the EnergyHub Coding Sample.
NPM is required to install this package. Node.js required to execute this package.
This package was developed with Node v6.11.2 and NPM v3.10.10 on macOS Sierra 10.12.16. This package has been tested with Node v6.11.2 and Node v10.12.0 on macOS Sierra 10.12.16.
For directions on installing Node (which bundles NPM), visit the Node.js website.
$ npm install -g energyhub-events
The general format for executing the package is:
$ energyhub-events [--field <field>[...]] \
[--driver-option <key=value>[...] \
[--optimize <optimization>] \
<uri> <date-time>
To see the available optimizations:
$ energyhub-events --help
The available drivers can by seen with:
$ energyhub-events driver list
To see the options accepted by a driver:
$ energyhub-events driver describe <driver>
$ energyhub-events --field schedule \
--field ambientTemp \
audit-data.tar.gz \
2016-05-04T10:15:32
{"state":{"ambientTemp":73,"schedule":true},"ts":"2016-05-04T10:15:32"}
$ energyhub-events --driver-option accessKeyId=<accessKeyId> \
--driver-option secretAccessKey=<secretAccessKey> \
--field schedule \
--field ambientTemp \
s3://net.energyhub.assets/public/dev-exercises/audit-data.tar.gz \
2016-05-04T10:15:32
{"state":{"ambientTemp":73,"schedule":true},"ts":"2016-05-04T10:15:32"}
Note the appearance in the above command of two --driver-option
flags.
Caching remote files
By default, reading an S3 object will result in the object being saved to
the local cache directory (by default, $HOME/.cache/energyhub-events
).
Subsequent requests for that S3 object will be directed to the local cache directory rather that the remote S3 endpoint.
To use a cache directory other than the default, supply a --cache-dir
flag,
e.g.:
$ energyhub-events --cache-dir /tmp/.energyhub-events-cache \
--driver-option accessKeyId=<accessKeyId> \
--driver-option secretAccessKey=<secretAccessKey> \
--field schedule \
--field ambientTemp \
s3://net.energyhub.assets/public/dev-exercises/audit-data.tar.gz \
2016-05-04T10:15:32
To disable the use of caching, supply either the no-cache-remote-data
or
none
optimizations, e.g.:
$ energyhub-events --optimize no-cache-remote-data \
--driver-option accessKeyId=<accessKeyId> \
--driver-option secretAccessKey=<secretAccessKey> \
--field schedule \
--field ambientTemp \
s3://net.energyhub.assets/public/dev-exercises/audit-data.tar.gz \
2016-05-04T10:15:32
To download sources, some additional dependencies may be required.
With Git
$ git clone git@github.com:maxenglander/energyhub-events
$ cd energyhub-events
For directions on installing Git, visit the Git website.
With cURL and tar
$ curl -sL https://github.com/maxenglander/energyhub-events/tarball/master.tar.gz | tar xzf -
$ cd energyhub-events-master
Installing cURL and tar is outside of the scope of this project.
After downloading sources, change directory into the source code folder and run
npm install
. For example, if you downloaded sources with Git:
$ cd energyhub-events
$ npm install
$ npm test
FAQs
An attempted solution for the [EnergyHub Coding Sample](https://gist.github.com/lseidman3/8951d958d345da5b2262a929315e6b40).
The npm package energyhub-events receives a total of 0 weekly downloads. As such, energyhub-events popularity was classified as not popular.
We found that energyhub-events demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.