![Malicious npm Package Typosquats react-login-page to Deploy Keylogger](https://cdn.sanity.io/images/cgdhsj6q/production/007b21d9cf9e03ae0bb3f577d1bd59b9d715645a-1024x1024.webp?w=400&fit=max&auto=format)
Research
Security News
Malicious npm Package Typosquats react-login-page to Deploy Keylogger
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
postman-collection
Advanced tools
Readme
Postman Collection SDK is a NodeJS module that allows a developer to work with Postman Collections. Using this module a developer can create collections, manipulate them and then export them in a format that the Postman Apps and Postman CLI Runtimes (such as Newman) can consume.
A collection lets you group individual requests together. These requests can be further organized into folders to accurately mirror your API. Requests can also store sample responses when saved in a collection. You can add metadata like name and description too so that all the information that a developer needs to use your API is available easily.
To know more about Postman Collections, visit the collection documentation section on Postman Website.
The new Collection Format v2 builds a stronger foundation for improving your productivity while working with APIs. We want your feedback and iron out issues before this goes into the Postman Apps.
Postman Collection SDK can be installed using NPM or directly from the git repository within your NodeJS projects. If
installing from NPM, the following command installs the SDK and saves in your package.json
> npm install postman-collection --save
In this example snippet we will get started by loading a collection from a file and output the same in console.
var fs = require('fs'), // needed to read JSON file from disk
Collection = require('postman-collection').Collection,
myCollection;
// Load a collection to memory from a JSON file on disk (say, sample-collection.json)
myCollection = new Collection(JSON.parse(fs.readFileSync('sample-collection.json').toString()));
// log items at root level of the collection
console.log(myCollection.toJSON());
After loading the collection from file, one can do a lot more using the functions that are available in the SDK. To know more about these functions, head over to Collection SDK Docs.
The collection schema outlines the JSON definition of data structure accepted by the constructor of each properties of this SDK. In other words, this SDK provides JavaScript level object manipulation for the JSON structure defined by Postman Collection Format in http://schema.postman.com/.
Schema Version | Compatible SDK Versions |
---|---|
1.0 | none |
2.0 | <3.0 |
2.1 | >= 3.0 |
Conceptually, a JSON input to the constructor of an SDK property should provide similar output when that property
instance's .toJSON()
is called.
FAQs
Unknown package
The npm package postman-collection receives a total of 818,526 weekly downloads. As such, postman-collection popularity was classified as popular.
We found that postman-collection demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
Security News
The JavaScript community has launched the e18e initiative to improve ecosystem performance by cleaning up dependency trees, speeding up critical parts of the ecosystem, and documenting lighter alternatives to established tools.
Product
Socket now supports four distinct alert actions instead of the previous two, and alert triaging allows users to override the actions taken for all individual alerts.