Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
requires-port
Advanced tools
Check if a protocol requires a certain port number to be added to an URL.
The `requires-port` package is a simple utility used to determine if a default port is required for a given protocol. It's particularly useful when working with URLs or networking in Node.js applications, where you might need to append a port to a hostname based on the protocol being used. This package helps in making decisions about whether to include the port in a URL string.
Checking if a port is required for a protocol
This feature allows you to check if a specific port is typically required for a given protocol. For standard protocols like HTTP (80) and HTTPS (443), it returns `false` indicating that the port does not need to be explicitly mentioned in a URL since it's the default. For non-standard ports or protocols, it returns `true`, suggesting that the port should be specified. The code sample demonstrates how to use `requires-port` to check for common and custom protocols.
"use strict";\nconst requiresPort = require('requires-port');\n\n// Example for HTTP\nconsole.log(requiresPort(80, 'http')); // false\n\n// Example for HTTPS\nconsole.log(requiresPort(443, 'https')); // false\n\n// Example for a custom protocol\nconsole.log(requiresPort(8080, 'my-protocol')); // true"
While `requires-port` helps determine if a port is required for a protocol, `is-port-reachable` checks if a port is reachable on a host. It's more about network accessibility rather than protocol requirements, making it useful for testing if services are up and accessible.
The `get-port` package is designed to find an available port on the system. Unlike `requires-port`, which is about understanding protocol defaults, `get-port` is useful for dynamically selecting an open port to avoid conflicts, especially during development or when launching new server instances.
The module name says it all, check if a protocol requires a given port.
This module is intended to be used with browserify or Node.js and is distributed in the public npm registry. To install it simply run the following command from your CLI:
npm install --save requires-port
The module exports it self as function and requires 2 arguments:
http
, http:
or even https://yomoma.com
. We just split
it at :
and use the first result. We currently accept the following
protocols:
http
https
ws
wss
ftp
gopher
file
It returns a boolean that indicates if protocol requires this port to be added to your URL.
'use strict';
var required = require('requires-port');
console.log(required('8080', 'http')) // true
console.log(required('80', 'http')) // false
MIT
FAQs
Check if a protocol requires a certain port number to be added to an URL.
The npm package requires-port receives a total of 26,390,978 weekly downloads. As such, requires-port popularity was classified as popular.
We found that requires-port demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.