Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
spawnpoint-nats
Advanced tools
NATS Plugin for Spawnpoint on NPM
Make sure to install NATS and the plugin for Spawnpoint NATS separately. NATS is treated as a peer dependency so you can change version separately.
npm i nats spawnpoint-nats
2.x.x
is designed for a NATS server running 2.x
1.x.x
is designed for a NATS server running 1.x
This api is mounted at app.nats
to access these methods:
app.nats.publish(subject, message, callback)
Sends a message to a subscriber. Expects no response. Callback issued when message is sent to the NATS server. No guarantee of receipt.
subject
string - subject to publish message tomessage
object|array|string|buffer - Message body for published messagecallback
function - Optional callback fired when sentapp.nats.request(subject, message, options, callback, updateCallback)
Sends a message to a subscriber with the expectation of at least one reply. Main callback only listens for the final reply. Can get updates to provide realtime stats/progress and/or acknowledgments to reset timeouts. Returns event emitter for update
, ack
, response
, & timeout
events.
subject
string - subject to publish message tomessage
object|array|string|buffer - Message body for published messageoptions
object - Options passed to PUB
method.
max
number - Number of replies to receive before unsubscribing from replies, optionaltimeout
number - Number of ms to wait until firing a timeout error. If omitted it will default to config settings. Setting to falsey value will disable timeoutcallback
function - Optional callback fired when final response is sent. Callback includes two arguments
err
error|null - If the response failed via timeout or was reported as an error from the response.results
*object|array|string|buffer - Response bodyupdateCallback
function - Optional callback fired when update is sent. Callback includes one argument
results
object|array|string|buffer - Response bodyapp.nats.request('lookup', {
domain: "google.com"
}, function(err, results){
if(err){
return console.error('ERROR', err);
}
console.log('Lookup results', results);
}, function(update){
console.log('update', update);
});
app.nats.subscribe(subject, options, callback, updateCallback)
Sends a message to a subscriber with the expectation of at least one reply. Main callback only listens for the final reply. Can get updates to provide realtime stats/progress and/or acknowledgments to reset timeouts. Returns event emitter for update
, ack
, response
, & timeout
events.
subject
string - subject to subscribe tooptions
object - Options passed to PUB
method.
queue
string - Name of queue to joinmax
number - Maximum number of messages to receive before automatically unsubscribing.noAck
boolean - Prevents automatic ack
message when set to true. Defaults to false.noPrefix
string - Prevents configurable prefix string from adding to subject. Defaults to false.callback
function - callback fired when messages are received. Callback includes two arguments
response
object|array|string|buffer - Message bodyhandler
eventEmitter - Event emitter with helper methods to handle updates, acks, and replies.
ack
- timeout int: Resets the timeout for the request. If not timeout is specified it will reset the timer that was used by the requester. timeout
is in ms.update
- data string: Sends a message with data update the request. Also resets the timeout.response
- err error|null, results object|array|string|buffer: Sends an error or response to the requestack()
: Tells the request to reset timeout, has no body or data to sendupdate(data *string*)
: Sends a message with data update the request. Also resets the timeout.response(err *error|null*, results *object|array|string|buffer*)
: Sends an error or response to the requestsubject
string - Copy of the message subject. Useful for wildcard subscriptions. Does not include prefix where applicable.app.nats.handle('lookup', {
queue: "dns.lookup"
}, function(msg, handler){
setTimeout(function(){
handler.ack();
}, 2500);
setTimeout(function(){
handler.update({
pending: true
});
}, 5000);
setTimeout(function(){
handler.response(null, msg);
}, 7500);
});
FAQs
NATS Plugin for Spawnpoint on NPM
The npm package spawnpoint-nats receives a total of 32 weekly downloads. As such, spawnpoint-nats popularity was classified as not popular.
We found that spawnpoint-nats demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.