Security News
How Threat Actors are Abusing GitHub’s File Upload Feature to Host Malware
GitHub is susceptible to a CDN flaw that allows attackers to host malware on any public repository.
ssb-conn-hub
Advanced tools
Readme
Module that manages active connections to peers. For use with the SSB CONN family of modules.
Visual metaphor: a network switch managing connections to other peers, capable of starting or stopping connections.
Prerequisites:
secret-stack@^6.3.0
This module is only used to create an SSB CONN plugin, not used directly by applications. A ConnHub instance should be available on the CONN plugin, with the following API:
connHub.connect(address, data?)
: connect to a peer known by its address
(string, must conform to the multiserver address convention). The second argument data
is optional, and allows you to attach additional metadata, that can be read later when this connection data is retrieved. Returns a Promise, with the three possible outcomes:
false
when the connect was unnecessary, therefore not performedconnHub.disconnect(address)
: disconnect from a peer known by its address
(string, must conform to the multiserver address convention). Returns a Promise, with the three possible outcomes:
true
when disconnected successfullyfalse
when the disconnect was unnecessary, therefore not performedconnHub.update(address, data)
: update the metadata of a peer currently in connection with us, where the peer is known by its address
and the new data is in data
. If the peer is not registered in ConnHub, this method performs no operations and returns false. Returns true if the update has succeeded.connHub.reset()
: closes all connections, basically resetting this instance as if it had just been startedconnHub.entries()
: returns a new Iterator
object that gives [address, data]
pairs, where data has the state and key of the peerconnHub.liveEntries()
: returns a pull-stream that emits an array of entries (like connHub.entries()
, but an array instead of an Iterator
) everytime there are updates to connections.connDB.listen()
: returns a pull stream that notifies of connection events, as an object {type, address, key, details}
where:
type
is either 'connecting'
, 'connecting-failed'
, 'connected'
, 'disconnecting'
, 'disconnecting-failed'
, 'disconnected'
address
is the original address used for connectingkey
is the cryptographic public iddetails
is an object with additional info
type === 'connected'
and contains details.rpc
(the MuxRPC object for the remote peer) and details.isClient
(boolean indicating whether we are the client)type === 'disconnecting'
type === 'disconnected'
type === 'connecting'
type === 'connecting-failed'
and details
is the error object for the connection failuretype === 'disconnecting-failed'
and details
is the error object for the connection failureconnHub.getState(address)
: returns undefined if the peer for that address is disconnected, otherwise returns one of 'connecting'
, 'connected'
, or 'disconnecting'
connHub.close()
: terminates any used resources and listeners, in preparation to destroy this instance.How can I get the RPC object for the remote peer connected with me?
Assuming you're access ConnHub from ssb-conn, listen to connection events on ConnHub, filter
for 'connected'
events, and they should contain the RPC object on the event's details
field:
pull(
ssb.conn.hub().listen(),
pull.filter(event => event.type === 'connected'),
pull.drain(event => {
const rpc = event.details.rpc
// `rpc` object has public methods such as `rpc.createHistoryStream()`
})
)
MIT
FAQs
Module that manages active connections to SSB peers
The npm package ssb-conn-hub receives a total of 30 weekly downloads. As such, ssb-conn-hub popularity was classified as not popular.
We found that ssb-conn-hub demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub is susceptible to a CDN flaw that allows attackers to host malware on any public repository.
Security News
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
Research
Security News
The Socket Research team found this npm package includes code for collecting sensitive developer information, including your operating system username, Git username, and Git email.