Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
stackoverflow-careers
Advanced tools
An unofficial, maintained API to scrape the latest jobs from Stackoverflow Careers Jobs/RSS feeds. Unfortunately, due to limitations of the RSS feeds, only the latest 25 listings are available for any query. Make them more specific if you'd like deeper results.
Before use, make sure you install the library with the following command:
npm install stackoverflow-careers
Next, add the following into your Nodejs project:
const StackOverflow = require('stackoverflow-careers');
StackOverflow.getCareers({
location: "london", // Location for the job. Making this more specific will yield better results.
query: "contractor positions", // Any additional requirements, such as part time, contractor, startup etc.
techLiked: ["javascript", "java", "c"], // Tech liked
techDisliked: ["perl", "rust", "fortran"], // Tech disliked
unit: "miles" // Unit of measurement.
}, (jobs) => {
jobs.forEach((job) => {
console.log(job);
});
});
JSDocs have been added to exposed API endpoints, any further issues please feel free to open up an issue on the Github repository
v1.1 - Implemented HTML character encoding to allow searches contained special characters. This means you won't be receiving results for C
when you search for C#
. Nifty!
FAQs
A wrapper for the StackOverflow careers feed.
The npm package stackoverflow-careers receives a total of 3 weekly downloads. As such, stackoverflow-careers popularity was classified as not popular.
We found that stackoverflow-careers demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.