Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Small SDK for vk.com API.
npm install vksdk
// Setup
var VK = require('vksdk');
var vk = new VK({
'appId' : 2807970,
'appSecret' : 'L14ZKpgQPalJdumI6vFK',
'language' : 'ru'
});
/**
* Request server methods
*/
// Setup server access token for server API methods
vk.on('serverTokenReady', function(_o) {
// Here will be server access token
vk.setToken(_o.access_token);
});
// Turn on requests with access tokens
vk.setSecureRequests(true);
// Request server API method
vk.request('secure.getSMSHistory', {}, function(_dd) {
console.log(_dd);
});
/**
* Request client methods
*/
// First you have to pass access_token from client side JS code
vk.setToken(access_token);
// Request 'users.get' method
vk.request('users.get', {'user_id' : 1}, function(_o) {
console.log(_o);
});
var VK = require('vksdk');
var vk = new VK({
'appId' : [Your application ID here],
'appSecret' : [Your application secret code here],
});
Required config options:
Available config options:
You can read and change some config options:
For vk.com API requests you have to use method request(_method, _requestParams, _response).
Request method gets data from API and returns result. There are 3 ways to get data from API
vk.setSecureRequests(false);
vk.request('users.get', {'user_id' : 1}, function(_o) {
console.log(_o);
});
After success API call SDK emits the event named 'done:' + _method; So if you call method users.get, you have to wait event done:users.get
vk.setSecureRequests(false);
vk.request('users.get', {'user_id' : 1});
vk.on('done:users.get', function(_o) {
console.log(_o);
});
Result of request will be returned with your custom event
vk.setSecureRequests(false);
vk.request('users.get', {'user_id' : 1}, 'myCustomEvent');
vk.on('myCustomEvent', function(_o) {
console.log(_o);
});
For some api methods you need server access token
vk.requestServerToken();
// Waiting for special 'serverTokenReady' event
vk.on('serverTokenReady', function(_o) {
// Here will be server access token
console.log(_o);
});
You also can get tokeb with callback or custom event
SDK emits 'http-error' event in case of http errors.
vk.on('http-error', function(_e) {
console.log(_e);
});
SDK emits 'parse-error' event in case of non-valid API answer.
vk.on('parse-error', function(_e) {
console.log(_e);
});
SDK provides all methods from events.EventEmitter
You also can request some api methods without any tokens, with app signature
vk.oldRequest('places.getCountryById', {'cids' : '1,2'}, function(_o) {
console.log(_o);
});
But this way is deprecated and doesn't work for all api methods.
Your commits and pull requests are welcome. Please run the tests before
npm test
You have to provide tests for the new features.
See also vk.com cities and counties DB
FAQs
SDK for API of vk.com
The npm package vksdk receives a total of 82 weekly downloads. As such, vksdk popularity was classified as not popular.
We found that vksdk demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.