Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
A wrapper around fidm/quic, node-quic is a dead simple stream based QUIC server / client for use in node.js.
A wrapper around fidm/quic, node-quic is a dead simple stream based QUIC server / client for use in node.js.
node-quic is a simple way to bring QUIC / UDP into your application.
npm install node-quic
import quic from 'node-quic'
const port = 1234
const address = 'localhost' // default
quic.listen(port, address)
.then(() => {}) // called once server starts listening
.onError((error) => {}) // called if there's an error with the listening.
// There are three classes of error:
// * 'server error'
// * 'server session error'
// * 'server stream error'
// An error will come out as an object with key
// `class` containing one of the above. More information
// will be in the error object.
.onData(
(data, stream, buffer) => {}
) // data here will be a stringified version of
// whatever was sent using quic.send(), stream will have
// two function properties: `write` and `end.`
// Use stream.write(data) to return information to the
// original sender. Note: stream.write will automatically
// stringify any non-buffer data sent to it, but you will need
// to parse your own data on the way out of `.onData` for
// `quic.listen` and for `quic.send`. Use `stream.end()`
// if you don't need to send anything back. If you are working
// with buffers directly and don't need anything stringified,
// you can use the buffer argument.
quic.send(port, address, data) // Send data to a listening server. `data` is automatically
// stringified, but will need to be parsed manually on receive.
.then(() => {}) // called after the stream is written
.onError((error) => {}) // called on error. The error classes for `quic.send` are:
// * 'client stream error'
.onData((data, buffer) => {}) // `data` is populated by whatever the receiving server deems
// necessary to send back. `buffer` contains the unstringified
// version of the data.
There are also a few utility functions:
quic.stopListening() // kill the server
quic.getServer() // return low level server object. Note, a server will only be
// returned following a call to `.listen()` and preceding any
// calls to `.stopListening()`, a.k.a. when quic is listening.
quic.getAddress() // returns an object {
// port: <number>,
// family: <string>, // like 'IPv4'
// address: <string> // defaults to '127.0.0.1'
// }
// Note: these fields will be 0 or the empty string if quic
// is not listening.
Easy Peasy. Enjoy!
FAQs
A wrapper around fidm/quic, node-quic is a dead simple stream based QUIC server / client for use in node.js.
We found that node-quic demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.