Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
mediawiki-api-axios
Advanced tools
The library provides the out of box accessing to MediaWiki API in both browsers & Node.js, and the syntax is very similar to vanilla `new mw.Api()`. TypeScript definition included~
- 同时兼容浏览器&Node.js 环境 -
- Support both browser and Node.js environment -
本库提供了与原版 new mw.Api()
非常相似的 api 请求封装。让你在非 MediaWiki 环境中轻松实现各种 wiki 操作。使用 TypeScript 编写~
The library provides the out of box accessing to MediaWiki API in both browsers & Node.js, and the syntax is very similar to vanilla new mw.Api()
. TypeScript definition included~
new mw.Api()
{ "foo": ["bar", "baz"], watch: false }
→ { "foo": "bar|baz" }
安装/installation
# Via pnpm:
pnpm add mediawiki-api-axios
# Yarn? sure:
yarn add mediawiki-api-axios
# Or just npm:
npm install mediawiki-api-axios
Then, import it to your project:
import { MediaWikiApi } from 'mediawiki-api-axios'
const api = new MediaWikiApi('https://zh.moegirl.org.cn/api.php')
// ...
在浏览器中直接使用/Use directly in the browser
import('https://unpkg.com/mediawiki-api-axios@latest/dist/index.js?module').then(
({ MediaWikiApi }) => {
const api = new MediaWikiApi('https://zh.moegirl.org.cn/api.php')
// ...
}
)
Then use it just like the new mw.Api()
You can find some sample code snippets here.
Below is the documentation of MediaWikiApi.
MediaWikiApi
{class MediaWikiApi}Main methods:
new MediaWikiApi(baseURL?: string, options?: AxiosRequestConfig)
baseURL
: API endpoint of your target wiki site (e.g. https://mediawiki.org/w/api.php)
options
: {AxiosRequestConfig}login(username: string, password: string): Promise<{ status: 'PASS' | 'FAIL'; username: string }>
Login you account.
get<T = any>(params: MwApiParams, options?: AxiosRequestConfig): Promise<AxiosResponse<T>>
Make GET
request
post<T = any>(body: MwApiParams, options?: AxiosRequestConfig): Promise<AxiosResponse<T>>
Make POST
request
postWithToken<T = any>(tokenType: MwTokenName, body: MwApiParams, options?: AxiosRequestConfig): Promise<AxiosResponse<T>>
Make POST
request with specified token.
type MwTokenName =
| 'createaccount'
| 'csrf'
| 'login'
| 'patrol'
| 'rollback'
| 'userrights'
| 'watch'
MediaWikiApi.ajax
{AxiosInstance} (getter)Get AxiosInstance
of current MediaWikiApi instance
MediaWikiApi#adjustParamValue(params: MwApiParams): Record<string: string>
(static)Adjust input params to standard MediaWiki request params.
string[] → string
: ['foo', 'bar', 'baz'] → 'foo|bar|baz
false → undefined
: remove false itemsMediaWikiApi#createAxiosInstance(payload: { baseURL: string; params: MwApiParams; options: AxiosRequestConfig })
(static)Create your own axios instance.
Warning: The instance created by this method does not include responsive getters/setters (described below) and the out of box cookie controls.
MediaWikiApi.defaultOptions
{AxiosRequestOptions} (responsive* getter/setter)defaults: {}
MediaWikiApi.defaultParams
{MwApiParams} (responsive* getter/setter)defaults:
this.defaultParams = {
action: 'query',
errorformat: 'plaintext',
format: 'json',
formatversion: 2,
}
Modifying these properties on the instance will automatically recreate the Axios instance of current MediaWikiApi instance. You can modify them directly and safely.
MIT License
Copyright (c) 2022 萌娘百科 User:机智的小鱼君 (A.K.A. Dragon-Fish)
FAQs
The library provides the out of box accessing to MediaWiki API in both browsers & Node.js, and the syntax is very similar to vanilla `new mw.Api()`. TypeScript definition included~
We found that mediawiki-api-axios demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.