Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
A minimal wrapper for the reddit API. It manages the session tokens, rate limiting and JSON parsing, otherwise it just passes on the raw response from reddit.
npm install redditor
It supports both doing anonymouse and authorized requests.
var reddit = require('redditor');
reddit.get('/r/funny.json', function(err, response) {
if(err) throw err;
console.log(response); // response is a Javascript object
});
Login using username and password.
reddit({
username: 'test_username',
password: 'test_password'
}, function(err, authorized) {
// Note that the returned object and the main reddit instance are not the same
if(err) throw err;
authorized.get('/api/me.json', function(err, response) {
// ...
});
});
Or using cookie
and modhash
directly.
var authorized = reddit({
cookie: 'test_cookie',
modhash: 'test_modhash'
});
If needed the data can also be streamed using the returned instance.
reddit.post('/api/new_captcha').pipe(fs.createWriteStream('captcha.png'));
FAQs
Minimal reddit API wrapper
The npm package redditor receives a total of 5 weekly downloads. As such, redditor popularity was classified as not popular.
We found that redditor demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.