Security News
pnpm 10.0.0 Blocks Lifecycle Scripts by Default
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.
With npm:
npm install ntp-time
With yarn:
yarn add ntp-time
To instantiate an NTP Client you just have to require the client class from the module and then instantiate it inside your code. To get the time you must use the syncTime
method.
const NTP = require('ntp-time').Client;
const client = new NTP('a.st1.ntp.br', 123, { timeout: 5000 });
async function sync() {
try {
await client.syncTime();
} catch (err) {
console.log(err);
}
}
sync();
// Or using .then
client
.syncTime()
.then(time => console.log(time)) // time is the whole NTP packet
.catch(console.log);
To put a server up, you must require the server class from the ntp-time
module, pass a request callback to it and use the listen method, with a port and an callback as an argument. Inside the request callback you can manipulate the message the way you want.
const NTPServer = require('ntp-time').Server;
const server = new NTPServer();
// Define your custom handler for requests
server.handle((message, response) => {
console.log('Server message:', message);
message.transmitTimestamp = Math.floor(Date.now() / 1000);
response(message);
});
// Check if node has the necessary permissions
// to listen on ports less than 1024
// https://stackoverflow.com/questions/413807/is-there-a-way-for-non-root-processes-to-bind-to-privileged-ports-on-linux
server.listen(123, err => {
if (err) throw err;
console.log('Server listening');
});
For more didatic code, go to the examples page.
FAQs
A ntp library for nodejs
The npm package ntp-time receives a total of 568 weekly downloads. As such, ntp-time popularity was classified as not popular.
We found that ntp-time demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.
Product
Socket now supports uv.lock files to ensure consistent, secure dependency resolution for Python projects and enhance supply chain security.
Research
Security News
Socket researchers have discovered multiple malicious npm packages targeting Solana private keys, abusing Gmail to exfiltrate the data and drain Solana wallets.