Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
ssb-conn-db
Advanced tools
Module that manages a local registry of connectable peers. For use with the SSB CONN family of modules.
Visual metaphor: a shelf of binders used for archival, holding static data on peers and their previous addresses used for connections.
This module is only used to create an SSB CONN plugin, not used directly by applications. A ConnDB instance should be available on the CONN plugin, with the following API:
new ConnDB(opts)
: constructor for a connDB instance, with the following options:
opts.path
(default '~/.ssb'
): path to the directory where the database will be storedopts.writeTimeout
(default 2000
milliseconds): interval to wait when batching database writes in the filesystemconnDB.set(address, data)
: insert or update a connectable peer by its address
(string, must conform to the multiserver address convention) with data
(object). If updating the data, it will merge the previous properties with the new properties. Returns the connDB
instance.connDB.update(address, data)
: update a connectable peer by its address
(string, must conform to the multiserver address convention) with data
(object). If the peer is not in the database, this method performs no operations and silently returns. Returns the connDB
instance.connDB.update(address, updater)
: update a connectable peer by its address
(string, must conform to the multiserver address convention) with updater
(a function where input is the previous data object and output should be the new data object). If the peer is not in the database, this method performs no operations and silently returns. Returns the connDB
instance.connDB.replace(address, data)
: insert or update a connectable peer by its address
(string, must conform to the multiserver address convention) with data
(object). If updating the data, it will replace the previous properties with the new properties. Returns the connDB
instance.connDB.get(address)
: returns the data for an existing peer with the given address
, or undefined
if the address was not registeredconnDB.getAddressForId(id)
: returns the connection address for an existing peer with the given SSB feed id
, or undefined
if the address does not existconnDB.has(address)
: returns true
if the given address
is registered in the database, false
otherwiseconnDB.delete(address)
: remove an address and its associated data from the database. Returns true
if the address existed and was deleted, false
otherwise.connDB.entries()
: returns a new Iterator
object that gives [address, data]
pairsconnDB.listen()
: returns a pull stream that notifies of changes made to the database, as an object {type, address}
where type
is either 'insert'
, 'update'
, or 'delete'
connDB.loaded()
: returns a Promise that resolves successfully when the initial database loading (read) occurs, and rejects if there was a failure to load.connDB.close()
: finishes writing any pending updates to the database, then gets ready for destroying this instance.Notice that the API above mostly mirrors the API of the JavaScript Map.
MIT
FAQs
Module that manages a local registry of connectable peers
The npm package ssb-conn-db receives a total of 34 weekly downloads. As such, ssb-conn-db popularity was classified as not popular.
We found that ssb-conn-db demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.