Research
Recent Trends in Malicious Packages Targeting Discord
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
eonc
Advanced tools
Readme
EONC is a fast Rest-Application framework for NodeJS, makes building rest applications easy. EONC framework supports endpoints (known as api's), types, global schemas and express/connect middlewares.
const eonc = require('./');
const http = require('http');
const app = eonc.server();
// gzip/deflate outgoing responses
const compression = require('compression');
app.use(compression());
// store session state in browser cookie
const cookieSession = require('cookie-session');
app.use(cookieSession({
keys: ['secret1', 'secret2']
}));
const ep = eonc.endpoint();
ep.GET({
id: "long",
name: {
type: "string",
minSize: 3,
maxSize: 15,
onvalidate: function (type, inp) {
return inp + " validated";
}
},
date: "date?", // optional
obj: {
type: "object",
optional: true,
minOccurs: 0,
maxOccurs: 0,
items: {
a: "integer",
b: "number?",
c: "string"
}
}
},
function (req, res) {
res.end(JSON.stringify(req.args));
});
ep.PUT("id:long; name:string(3-15); date:date?", function (req, res) {
res.end(JSON.stringify(req.args));
});
app.use('/app/ping', ep);
//create node.js http server and listen on port
http.createServer(app).listen(5000);
EONC is a extensible framework that supports both middleware and endpoint.
$ npm install eonc
The main component is a EONC "app". This will store all the middleware and endpoint added and is, itself, a function.
const app = eonc.server();
Endpoints are the api's in your rest application. An endpoint can handle one, many or all http methods. EONC process type checking and converting for input parameters before calling endpoint handler.
let ep = eonc.endpoint();
// Endpoint will handle GET, PUT and DELETE methods
ep.GET("id:long", function (req, res) {
res.end("Your id is " + req.args.id);
});
ep.PUT("id:long; name:string(3-15)", function (req, res) {
res.end("Your name updated with " + req.args.name);
});
ep.DELETE("id:long", function (req, res) {
res.end("Your id is delete");
});
app.use("/path/to/api1", ep);
ep = eonc.endpoint();
// Endpoint will handle all methods
ep.ALL("foo:string", function (req, res) {
res.end(req.attr.foo);
});
app.use("/path/to/api2", ep);
Type checking and conversion is the powerful part of the EONC framework. It quaranties you will get the exact type of request parameters in your endpoint handler. Defining types is very easy.
1.Type definition objects
ep.GET(
{
field1: {
type: "integer",
optional: true, // default false
minValue: 1,
maxValue: 100, // field value must be between 1-100
minOccurs: 0,
maxOccurs: 10, // this is an array field that can have 10 items max
onvalidate: function (type, inp) {
// custom validation handler
return inp;
}
}, // Integer field
field2: {
type: "string",
minSize: 3,
maxSize: 15, // String length must between 3 and 15
pattern: /^\w+$/ // Value must match the regex pattern.
},
date: "date?", // optional date value
obj: { // Object field with 3 sub items
type: "object",
optional: true,
items: {
a: "integer",
b: "number?",
c: "string"
}
}
},
handler);
2.Type definition strings
ep.GET(
{
field1: "integer", // Integer field
field2: "integer[]", // Integer array field
field3: "integer?[1-10]", // Optional field can have integer array that have at least 1, max 10 items
field4: "integer(1-100)", // Field must have integer values between 1 and 100
field5: "integer?(1-100)[1-10]", // Optional array field with value range checking
field6: "string?(3-15)/\w+/", // Optional string field with value pattern checking
},
handler);
Global schemas can be used in an EONC application. This helps you define global types and use them in your endpoints.
let schema1 = eonc.schema("ns1:http://app1.anyurl.com");
schema1.define("ID", "number");
schema1.define("Name", "string(3-30)");
let schema2 = eonc.schema("ns2:http://app2.anyurl.com");
schema2.define("CustomType", {
type: "object",
items: {
a: "number",
b: "string",
c: "date?"
}
});
Once you created a schema object and define types in it, you can use that types anywhere in your application.
let ep = eonc.endpoint();
ep.GET("id:ns1:ID; name:ns1:Name; data:ns2:CustomType", handler);
The core of middleware support is extended from connect project. Take a look at connect repository for detailed use of middlewares.
>= 6.x
;FAQs
Easy to use web framework for fast restful applications
We found that eonc demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
Security News
Socket CEO Feross Aboukhadijeh joins a16z partners to discuss how modern, sophisticated supply chain attacks require AI-driven defenses and explore the challenges and solutions in leveraging AI for threat detection early in the development life cycle.
Security News
NIST's new AI Risk Management Framework aims to enhance the security and reliability of generative AI systems and address the unique challenges of malicious AI exploits.