Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
The default branch name for this repository has been changed to main
as of 07/27/2020.
The documentation for the Twilio API can be found here.
The Node library documentation can be found here.
twilio-node
uses a modified version of Semantic Versioning for all changes. See this document for details.
This library supports the following Node.js implementations:
TypeScript is supported for TypeScript version 2.9 and above.
Check out these code examples in JavaScript and TypeScript to get up and running quickly.
twilio-node
supports credential storage in environment variables. If no credentials are provided when instantiating the Twilio client (e.g., const client = require('twilio')();
), the values in following env vars will be used: TWILIO_ACCOUNT_SID
and TWILIO_AUTH_TOKEN
.
If your environment requires SSL decryption, you can set the path to CA bundle in the env var TWILIO_CA_BUNDLE
.
twilio-node
supports lazy loading required modules for faster loading time. Lazy loading is disabled by default. To enable lazy loading, simply instantiate the Twilio client with the lazyLoading
flag set to true
:
var accountSid = process.env.TWILIO_ACCOUNT_SID; // Your Account SID from www.twilio.com/console
var authToken = process.env.TWILIO_AUTH_TOKEN; // Your Auth Token from www.twilio.com/console
const client = require('twilio')(accountSid, authToken, {
lazyLoading: true
});
To take advantage of Twilio's Global Infrastructure, specify the target Region and/or Edge for the client:
var accountSid = process.env.TWILIO_ACCOUNT_SID; // Your Account SID from www.twilio.com/console
var authToken = process.env.TWILIO_AUTH_TOKEN; // Your Auth Token from www.twilio.com/console
const client = require('twilio')(accountSid, authToken, {
region: 'au1',
edge: 'sydney',
});
Alternatively, specify the edge and/or region after constructing the Twilio client:
const client = require('twilio')(accountSid, authToken);
client.region = 'au1';
client.edge = 'sydney';
This will result in the hostname
transforming from api.twilio.com
to api.sydney.au1.twilio.com
.
There are two ways to enable debug logging in the default HTTP client. You can create an environment variable called TWILIO_LOG_LEVEL
and set it to debug
or you can set the logLevel variable on the client as debug:
var accountSid = process.env.TWILIO_ACCOUNT_SID; // Your Account SID from www.twilio.com/console
var authToken = process.env.TWILIO_AUTH_TOKEN; // Your Auth Token from www.twilio.com/console
const client = require('twilio')(accountSid, authToken, {
logLevel: 'debug'
});
You can also set the logLevel variable on the client after constructing the Twilio client:
const client = require('twilio')(accountSid, authToken);
client.logLevel = 'debug';
For an example on how to handle exceptions in this helper library, please see the Twilio documentation.
To use a custom HTTP client with this helper library, please see the Twilio documentation.
The Dockerfile
present in this repository and its respective twilio/twilio-node
Docker image are currently used by Twilio for testing purposes only.
If you need help installing or using the library, please check the Twilio Support Help Center first, and file a support ticket if you don't find an answer to your question.
If you've instead found a bug in the library or would like new features added, go ahead and open issues or pull requests against this repo!
Bug fixes, docs, and library improvements are always welcome. Please refer to our Contributing Guide for detailed information on how you can contribute.
⚠️ Please be aware that a large share of the files are auto-generated by our backend tool. You are welcome to suggest changes and submit PRs illustrating the changes. However, we'll have to make the changes in the underlying tool. You can find more info about this in the Contributing Guide.
If you're not familiar with the GitHub pull request/contribution process, this is a nice tutorial.
If you want to familiarize yourself with the project, you can start by forking the repository and cloning it in your local development environment. The project requires Node.js to be installed on your machine.
After cloning the repository, install the dependencies by running the following command in the directory of your cloned repository:
npm install
You can run the existing tests to see if everything is okay by executing:
npm test
To run just one specific test file instead of the whole suite, provide a JavaScript regular expression that will match your spec file's name, like:
npm run test -- -m .\*client.\*
FAQs
A Twilio helper library
The npm package mmtwil receives a total of 0 weekly downloads. As such, mmtwil popularity was classified as not popular.
We found that mmtwil demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.