Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
node-vk-sdk
Advanced tools
VK API SDK for Node.js
To install the stable version:
npm install --save node-vk-sdk
This assumes you are using npm as your package manager. If you don’t, you can access these files on unpkg, download them, or point your package manager to them.
You can import SDK using ES6 modules:
import {VKApi, ConsoleLogger} from 'node-vk-sdk'
Or using require
:
const {VKApi, ConsoleLogger} = require('node-vk-sdk')
import {VKApi, ConsoleLogger} from 'node-vk-sdk'
let api = new VKApi({
logger: new ConsoleLogger()
})
api.usersGet({ userIds: ['1'] })
.then(response => {
console.log(response)
})
interface VKApiOptions {
lang?: string|number,
testMode?: number,
logger?: BaseLogger,
token?: string,
timeout?: number,
requestsPerSecond?: number,
useQueue?: boolean
}
lang?
- Determines the language for the data to be displayed on. For example country and city names.
If you use a non-cyrillic language, cyrillic symbols will be transtiterated automatically
en – English, ru – Russian, ua – Ukrainian, be – Belorussian, es – Spanish, fi – finnish, de – German, it – Italian.
Numeric format from account.getInfo
is supported as well.
test_mode?
- 1 – allows to send requests from a native app without switching it on for all users.
logger?
- Logger class that implements BaseLogger
No logging will be used logger is not passed
token?
- Access token
timeout?
- Network timeout in ms
requestsPerSecond
- Maximum requests per second, default is 3
useQueue
- If useQueue is true, then SDK will limit number of requests per second at requestsPerSecond
All api methods returning Promise, so you can use them as Promise or as async functions.
Methods arguments are described in interfaces, so you need to pass object implementing that interface, for example users.get
props interface:
export interface UsersGetParams {
/**
* User IDs or screen names ('screen_name'). By default, current user ID.
*/
user_ids?: string[],
/**
* Profile fields to return. Sample values: 'nickname', 'screen_name', 'sex', 'bdate' (birthdate), 'city', 'country', 'timezone', 'photo', 'photo_medium', 'photo_big', 'has_mobile', 'contacts', 'education', 'online', 'counters', 'relation', 'last_seen', 'activity', 'can_write_private_message', 'can_see_all_posts', 'can_post', 'universities',
*/
fields?: string[],
/**
* Case for declension of user name and surname: 'nom' — nominative (default), 'gen' — genitive , 'dat' — dative, 'acc' — accusative , 'ins' — instrumental , 'abl' — prepositional
*/
name_case?: string,
/**
* access token
*/
access_token?: string
}
All props interfaces have accessToken
property, that token will be used instead of token passed to VKApi
Calling example:
api.usersGet({ user_ids: ['1'] })
.then(response => {
console.log(response)
})
// or we can call it as async function
let response = await api.usersGet({ user_ids: ['1'] })
Direct call methods:
// makes plain call & returns contents of "response" property of server response
public async call(method: string, params: Object): Promise<any>
// Makes api call and if there was
// server-side error or requests limit was reached
// repeats the call after some timeout
public async callWithRetry(method: string, params: Object): Promise<any>
To receive group updates using Bots Long Poll API use BotsLongPollUpdatesProvider
class:
import {VKApi, ConsoleLogger, BotsLongPollUpdatesProvider} from 'node-vk-sdk'
let api = new VKApi({
token: 'GROUP_TOKEN_HERE',
logger: new ConsoleLogger()
})
let updatesProvider = new BotsLongPollUpdatesProvider(api, GROUP_ID_HERE)
updatesProvider.getUpdates(updates => {
console.log('got updates: ', updates)
})
FAQs
VK API SDK for Node.js
We found that node-vk-sdk demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.