Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
inoreaderupdate
Advanced tools
Node.js wrapper for the Inoreader.com API. Based on Promises. Project forked from https://github.com/johntitus/inoreader Forked to update and fix login method as it was broken and need this as an npm module. All Rights of project go to John Titus
npm install inoreaderupdate
To use:
var inoreader = require('inoreader')(appId, appKey);
Logs in as a user and gets a user token from Inoreader. Subsequent calls will reuse the users token, until a new login
call is made
Return information about the currently logged in user.
Grabs items from a stream. Options is a javascript object, with keys matching those found here.
Marks item in a stream as read that are older than timeStamp
. Timestamp is an optional unix timestamp. If omitted, the current time is used.
Returns the current user's list of subscribed feeds.
Adds a subscription for the current user to the feed.
Copyright 2018 John Titus Justin Schellenberg
Permission to use, copy, modify, and/or distribute this software for any purpose with or without fee is hereby granted, provided that the above copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
FAQs
Updated version of John Titus's inoreader npm package
The npm package inoreaderupdate receives a total of 0 weekly downloads. As such, inoreaderupdate popularity was classified as not popular.
We found that inoreaderupdate demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.