Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
The Shipday node sdk provides easier access to the from applications written in server-side JavaScript.
See the shipday api docs for Node.js
Node 10 or higher
npm install shipday --save
# or
yarn add shipday
You need to provide the shipday api-key in order to use the library. Example usages looks like following:-
const Shipday = require('shipday/integration')
const shipdayClient = new Shipday('**** api key', 10000);
shipdayClient.carrierService.getCarriers().then(r => console.log(r[0]));
The first parameter is your api key, second parameter is timeout for request in millisecond.
And it will look like following in the console:-
{
id: 48767,
personalId: '',
name: 'Mohedul (Vehicle Not 121381)',
codeName: '',
phoneNumber: '+880176841',
companyId: 13808,
areaId: 13807,
isOnShift: false,
email: 'mark@shipday.com',
carrierPhoto: null,
device: 'iPhone12,5',
osInfo: '15.6',
isActive: true,
carrrierLocationLat: 22.328689,
carrrierLocationLng: 91.783807,
isAppLocationServiceOn: false
}
To run the tests, first resolve all dependencies by using
npm install
and then execute the following
npm run test
FAQs
Shipday API wrapper
We found that shipday demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.