Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
lambda-captcha
Advanced tools
Readme
Generates captchas that can be verified decentrally.
This is heavily inspired by svg-captcha, but written in TypeScript. It also allows you to pass the generated captcha expressions together with the user-supplied captcha solution, so you can verify the results independently. The captcha expressions are encrypted, so they are not machine readable.
const lambdaCaptcha = require('lambda-captcha')
const SECRET = process.env.CAPTCHA_SECRET
function generateCaptcha() {
const captchaConfig = lambdaCaptcha.LambdaCaptchaConfigManager.default(SECRET)
const captcha = lambdaCaptcha.create(captchaConfig)
return {
// The captcha SVG that you can display inside e.g. a form
captchaSvg: captcha.captchaSvg,
// This is the un-encrypted expression of the captcha.
captchaExpression: captcha.expr,
// This is the encrypted expression of the captcha.
// Pass it along with your server side verification requests.
encryptedCaptchaExpression: captcha.encryptedExpr
}
}
const lambdaCaptcha = require('lambda-captcha')
const SECRET = process.env.CAPTCHA_SECRET
function verify(encryptedCaptchaExpression, captchaSolution) {
const captchaResult = lambdaCaptcha.verify(captchaExpression, captchaSolution, SECRET)
return captchaResult // either true on success or false if the solution was wrong
}
npm run test
or
npm run tdd
FAQs
Generates captchas that can be verified decentrally.
The npm package lambda-captcha receives a total of 121 weekly downloads. As such, lambda-captcha popularity was classified as not popular.
We found that lambda-captcha demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.