Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
heroku-pinger
Advanced tools
A simple ping scheduler to prevent free Heroku apps from going to sleep when they shouldn't.
A simple ping scheduler to prevent free Heroku apps from going to sleep when they shouldn't.
Heroku dynos will fall asleep every 30 minutes if there is no activity on an application. The issue is that interaction via WebSockets is not considered "activity". This means that apps relying on WebSockets (such as real-time HTML5 multiplayer games), will fall asleep unless somebody new joins, or refreshes the page (who wants to reset their game?). Of course, this isn't relevant for any big projects in production, but it's really useful when you want to show off your flashy new prototype to your friends.
Heroku-pinger DOES NOT simply ping your Heroku app every 29 minutes, instead, you call a method, .schedulePing()
, which will set a timer to ping your app (default is 29 minutes). This way, your app will still be able to fall asleep (thus conserving your free hours) when there is no activity.
npm install --save heroku-pinger
const pinger = require('heroku-pinger')(url, options);
pinger.schedulePing()
- Schedule a ping.
options.cooldown
- Specify the ping delay after .schedulePing()
is called, in milliseconds. Defaults to 29 minutes.
// Other dependecies, eg express, etc.
const SITE_URL = "https://yourapp.herokuapp.com";
const herokuPinger = require('heroku-pinger');
const pinger = herokuPinger(SITE_URL);
const io = require('socket.io')(server);
// App routing, etc.
io.on('connection', (socket) => {
socket.on('chat message', function(data) {
socket.broadcast.emit('chat message', data);
pinger.schedulePing();
});
});
Neither this project nor the project's creator are associated with Heroku.
If you have any criticisms, questions, suggestions, or simply want to talk, you can email me at pscott@zeptohost.com
FAQs
A simple ping scheduler to prevent free Heroku apps from going to sleep when they shouldn't.
The npm package heroku-pinger receives a total of 0 weekly downloads. As such, heroku-pinger popularity was classified as not popular.
We found that heroku-pinger demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.