Research
Security News
Kill Switch Hidden in npm Packages Typosquatting Chalk and Chokidar
Socket researchers found several malicious npm packages typosquatting Chalk and Chokidar, targeting Node.js developers with kill switches and data theft.
JSON-RPC 2.0 server and client library, with HTTP, TCP and Websocket endpoints
JSON-RPC 2.0 server and client library, with HTTP
(with Websocket
support) and TCP
endpoints
This fork is a rewrite with proper testing framework, linted code, compatible with node 0.8.x and 0.10.x, class inheritance, and added functionalities
Check jsonrpc2-tools for some nice additions to this module.
To install node-jsonrpc2 in the current directory, run:
npm install json-rpc2 --save
id
member was permissive and wouldn't actually adhere to the RFC, allowing anything besides undefined
.String
, Number
or null
, it might break if you update to 1.xFiring up an efficient JSON-RPC server becomes extremely simple:
var rpc = require('json-rpc2');
var server = rpc.Server.$create({
'websocket': true, // is true by default
'headers': { // allow custom headers is empty by default
'Access-Control-Allow-Origin': '*'
}
});
function add(args, opt, callback) {
callback(null, args[0] + args[1]);
}
server.expose('add', add);
// you can expose an entire object as well:
server.expose('namespace', {
'function1': function(){},
'function2': function(){},
'function3': function(){}
});
// expects calls to be namespace.function1, namespace.function2 and namespace.function3
// listen creates an HTTP server on localhost only
server.listen(8000, 'localhost');
And creating a client to speak to that server is easy too:
var rpc = require('json-rpc2');
var client = rpc.Client.$create(8000, 'localhost');
// Call add function on the server
client.call('add', [1, 2], function(err, result) {
console.log('1 + 2 = ' + result);
});
Create a raw (socket) server using:
var rpc = require('json-rpc2');
var server = rpc.Server.$create();
// non-standard auth for RPC, when using this module using both client and server, works out-of-the-box
server.enableAuth('user', 'pass');
// Listen on socket
server.listenRaw(8080, 'localhost');
Any class can be extended, or used as a mixin for new classes, since it uses ES5Class module.
For example, you may extend the Endpoint
class, that automatically extends Client
and Server
classes.
Extending Connection
automatically extends SocketConnection
and HttpServerConnection
.
var rpc = require('json-rpc2');
rpc.Endpoint.$include({
'newFunction': function(){
}
});
var
server = rpc.Server.$create(),
client = rpc.Client.$create();
server.newFunction(); // already available
client.newFunction(); // already available
To implement a new class method (that can be called without an instance, like rpc.Endpoint.newFunction
):
var rpc = require('json-rpc2');
rpc.Endpoint.$implement({
'newFunction': function(){
}
});
rpc.Endpoint.newFunction(); // available
rpc.Client.newFunction(); // every
rpc.Server.newFunction(); // where
Don't forget, when you are overloading an existing function, you can call the original function using $super
var rpc = require('json-rpc2');
rpc.Endpoint.$implement({
'trace': function($super, direction, message){
$super(' (' + direction + ')', message); //call the last defined function
}
});
And you can start your classes directly from any of the classes
var MyCoolServer = require('json-rpc2').Server.$define('MyCoolServer', {
myOwnFunction: function(){
},
}, {
myOwnClassMethod: function(){
}
}); // MyCoolServer will contain all class and instance functions from Server
MyCoolServer.myOwnClassMethod(); // class function
MyCoolServer.$create().myOwnFunction(); // instance function
This module uses the debug package, to debug it, you need to set the Node
environment variable to jsonrpc, by setting it in command line as set DEBUG=jsonrpc
or export DEBUG=jsonrpc
To learn more, see the examples
directory, peruse test/jsonrpc-test.js
, or
simply "Use The Source, Luke".
More documentation and development is on its way.
FAQs
JSON-RPC 2.0 server and client library, with HTTP, TCP and Websocket endpoints
The npm package json-rpc2 receives a total of 329 weekly downloads. As such, json-rpc2 popularity was classified as not popular.
We found that json-rpc2 demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers found several malicious npm packages typosquatting Chalk and Chokidar, targeting Node.js developers with kill switches and data theft.
Security News
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.
Product
Socket now supports uv.lock files to ensure consistent, secure dependency resolution for Python projects and enhance supply chain security.