
Security News
/Research
Wallet-Draining npm Package Impersonates Nodemailer to Hijack Crypto Transactions
Malicious npm package impersonates Nodemailer and drains wallets by hijacking crypto transactions across multiple blockchains.
nest-qiniu-sdk
Advanced tools
qiniu sdk for nestjs
yarn add nest-qiniu-sdk
// app.module.ts
import {Module} from '@nestjs/common'
import {AppController} from './app.controller'
import {QiniuModule, zone} from 'nest-qiniu-sdk'
@Module({
imports: [
QiniuModule.register({
// 通常不用管区域
// zone: zone.Zone_z0,
global: true,
access_key: 'access_key',
secret_key: 'secret_key',
bucket: 'bucket',
domain: 'http://bucket.test',
}),
],
controllers: [AppController],
})
export class AppModule {
}
// app.controller.ts
import {Controller, Get} from '@nestjs/common'
import {QiniuService, util} from 'nest-qiniu-sdk'
@Controller()
export class AppController {
constructor(private readonly QiniuService: QiniuService) {
}
@Get()
hiQiniu(@Request() req): any {
let options = this.QiniuService.getOptions(),
access_key = this.QiniuService.getOptions('access_key'),
secret_key = this.QiniuService.getOptions('secret_key'),
zone = this.QiniuService.getZone(),
bucket = this.QiniuService.getBucket(),
domain = this.QiniuService.getDomain()
/**
* 具体文档参考 https://developer.qiniu.com/kodo/1289/nodejs
* 大部分封装的不那么完美 建议根据源文档进行传参等配置 如 抓取网络资源到空间
*/
let mac = this.QiniuService.mac(),
cdnManager = this.QiniuService.cdnManager(),
putPolicy = this.QiniuService.putPolicy({}),
formUploader = this.QiniuService.formUploader(),
bucketManager = this.QiniuService.bucketManager(),
operationManager = this.QiniuService.operationManager()
let key = 'file_path',
// 过期时间 60秒
expires = 60
/**
* 获取上传 token
* https://developer.qiniu.com/kodo/1206/put-policy
*/
let get_upload_token = this.QiniuService.getUploadToken({
scope: bucket,
insertOnly: 1,
expires,
// ...
})
// 获取公开空间下载地址
let download_public_url = this.QiniuService.getPublicDownloadUrl(key)
// 获取私有空间下载地址
let download_private_url = this.QiniuService.getPrivateDownloadUrl(key, expires)
// 判断是否为七牛回调
let is_qiniu_callback = this.QiniuService.getIsQiniuCallback('request_full_url', req.headers['authorization'], req.body)
// 抓取网络资源到空间
let fetch_url = 'http://devtools.qiniu.com/qiniu.png'
bucketManager.fetch(fetch_url, bucket, key, (err, respBody, respInfo) => {
console.log(err, respBody, respInfo)
})
// 工具相关
let isTimestampExpired = util.isTimestampExpired(1675274522)
}
}
bucket
mac
key
等参数Promise
FAQs
qiniu-sdk for nestjs
The npm package nest-qiniu-sdk receives a total of 0 weekly downloads. As such, nest-qiniu-sdk popularity was classified as not popular.
We found that nest-qiniu-sdk demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
/Research
Malicious npm package impersonates Nodemailer and drains wallets by hijacking crypto transactions across multiple blockchains.
Security News
This episode explores the hard problem of reachability analysis, from static analysis limits to handling dynamic languages and massive dependency trees.
Security News
/Research
Malicious Nx npm versions stole secrets and wallet info using AI CLI tools; Socket’s AI scanner detected the supply chain attack and flagged the malware.