Research
2025 Report: Destructive Malware in Open Source Packages
Destructive malware is rising across open source registries, using delays and kill switches to wipe code, break builds, and disrupt CI/CD.
By Kush Pandya - Dec 24, 2025
pactify-api
Advanced tools
pactify-api
A simple API wrapper for Pactify - see https://www.pactify.fr/. It returns data from https://www.pactify.fr/api/player, https://www.pactify.fr/api/faction and https://www.pactify.fr/api/ranking.
Usage
Due to the simplicity of the API, I think there is no need to write a long documentation, theses examples clearly show how to use it. If you want more details, methods and properties are also explained using JSDoc.
Imports
const { Player, Faction, Ranking } = require('pactify-api');
Player
The only guaranteed properties are id, name, registrationDate, lastActivityDate, activityTime, online.
- Get a player by his name:
Player.fromName('username').then(player => { console.log(player); }).catch(error => { console.log(error.error); }); - Get a player by his ID:
const player = new Player('id'); player.fetch().then(() => { console.log(player); }).catch(error => { console.log(error.error); });
Faction
- Get a faction by its name:
Faction.fromName('FAC').then(faction => { console.log(faction); }).catch(error => { console.log(error.error); }); - Get a faction by its ID:
const faction = new Faction('id'); faction.fetch().then(() => { console.log(faction); }).catch(error => { console.log(error.error); });
Ranking
- Get factions ranking for a month:
const ranking = new Ranking('latest');
// you can also specify a YYYY-MM formatted month (e.g. 2020-05) instead of 'latest':
// const ranking = new Ranking('2020-05');
ranking.fetch().then(() => {
console.log(ranking);
}).catch(error => {
console.log(error.error);
});
Error codes
Errors returned by the API are objects containing a statusCode and an error property:
| statusCode | error |
|---|---|
0 | no error |
1 | internal error (which surely comes from a connection error from you or the server) |
2 | unknown player |
3 | unknown faction |
Partial data
Explanations
When parsing an object, you can have properties containing other data type. For instance, when you parse a Player, if he is in a faction, the faction Player property will result in a Faction object. This object is partial, which means you cannot expect it to have any information beside its ID.
You can know whether a data is partial by checking its partial property. The only data you can expect to don't be partial are these fetched with fetch or fromName methods.
Example
This example simply requests a player, then retrieves information from its faction. While the first log will only show the faction ID, the second will display all the property of the faction.
Player.fromName('username').then(async player => {
if (player.faction) {
console.log(player.faction);
await player.faction.fetch();
console.log(player.faction);
}
else
console.log('This player is not in a faction.');
}).catch(error => {
console.log(error.error);
});
FAQs
A simple API wrapper for Pactify - see https://www.pactify.fr/.
We found that pactify-api demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 04 May 2020
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Engineering with AI Podcast: The Promise of AI-First Development
Socket CTO Ahmad Nassri shares practical AI coding techniques, tools, and team workflows, plus what still feels noisy and why shipping remains human-led.
By Sarah Gooding - Dec 24, 2025
Research
/Security News
Spearphishing Campaign Abuses npm Registry to Target U.S. and Allied Manufacturing and Healthcare Organizations
A five-month operation turned 27 npm packages into durable hosting for browser-run lures that mimic document-sharing portals and Microsoft sign-in, targeting 25 organizations across manufacturing, industrial automation, plastics, and healthcare for credential theft.
By Nicholas Anderson, Kirill Boychenko - Dec 23, 2025