Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
telegram-tghub-better-new
Advanced tools
A Telegram client written in JavaScript for Node.js and browsers, with its core being based on Telethon.
Here you'll learn how to obtain necessary information to create telegram application, authorize into your account and send yourself a message.
Note that if you want to use a GramJS inside of a browser, refer to this instructions.
Install GramJS:
$ npm i telegram
After installation, you'll need to obtain an API ID and hash:
Never share any API/authorization details, that will compromise your application and account.
When you've successfully created the application, change apiId
and apiHash
on what you got from telegram.
Then run this code to send a message to yourself.
import { TelegramClient } from "telegram";
import { StringSession } from "telegram/sessions";
import readline from "readline";
const apiId = 123456;
const apiHash = "123456abcdfg";
const stringSession = new StringSession(""); // fill this later with the value from session.save()
const rl = readline.createInterface({
input: process.stdin,
output: process.stdout,
});
(async () => {
console.log("Loading interactive example...");
const client = new TelegramClient(stringSession, apiId, apiHash, {
connectionRetries: 5,
});
await client.start({
phoneNumber: async () =>
new Promise((resolve) =>
rl.question("Please enter your number: ", resolve)
),
password: async () =>
new Promise((resolve) =>
rl.question("Please enter your password: ", resolve)
),
phoneCode: async () =>
new Promise((resolve) =>
rl.question("Please enter the code you received: ", resolve)
),
onError: (err) => console.log(err),
});
console.log("You should now be connected.");
console.log(client.session.save()); // Save this string to avoid logging in again
await client.sendMessage("me", { message: "Hello!" });
})();
Note that you can also save auth key to a folder instead of a string, change
stringSession
into this:
const storeSession = new StoreSession("folder_name");
Be sure to save output of client.session.save()
into stringSession
or storeSession
variable to avoid logging in again.
GramJS works great in combination with frontend libraries such as React, Vue and others.
While working within browsers, GramJS is using localStorage
to cache the layers.
To get a browser bundle of GramJS, use the following command:
NODE_ENV=production npx webpack
You can also use the helpful script generate_webpack.js
node generate_webpack.js
To use raw telegram API methods use invoke function.
await client.invoke(new RequestClass(args));
General documentation, use cases, quick start, refer to gram.js.org, or older version of documentation (will be removed in the future).
For more advanced documentation refer to gram.js.org/beta (work in progress).
If your ISP is blocking Telegram, you can check My ISP blocks Telegram. How can I still use GramJS?
If you have any questions about GramJS, feel free to open an issue or ask directly in our telegram group - @GramJSChat.
what do you mean by that ? If you want to update to a specific layer yourself there are 4 things you need to do.
you update export const LAYER = 181; in gramjs/tl/AllTLObjects Then you update gramjs/tl/static/api.tl with the one from tdesktop (the one you sent a link to) Then you do ts-node gramjs/tl/generateModule.js Then you finally do ts-node gramjs/tl/types-generator/generate.js
node publish_npm.js
FAQs
NodeJS/Browser MTProto API Telegram client library,
The npm package telegram-tghub-better-new receives a total of 22 weekly downloads. As such, telegram-tghub-better-new popularity was classified as not popular.
We found that telegram-tghub-better-new demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.