Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
websocket-ts
Advanced tools
Install websocket-ts
with npm:
$ npm install websocket-ts
This example shows how to use the package, complete with message buffering and automatic reconnection. The created websocket will echo back any received messages. It will buffer messages when disconnected and attempt to reconnect every 1 second.
import {
ArrayQueue,
ConstantBackoff,
Websocket,
WebsocketBuilder,
WebsocketEvent,
} from "websocket-ts";
// Initialize WebSocket with buffering and 1s reconnection delay
const ws = new WebsocketBuilder("ws://localhost:8080")
.withBuffer(new ArrayQueue()) // buffer messages when disconnected
.withBackoff(new ConstantBackoff(1000)) // retry every 1s
.build();
// Function to output & echo received messages
const echoOnMessage = (i: Websocket, ev: MessageEvent) => {
console.log(`received message: ${ev.data}`);
i.send(`echo: ${ev.data}`);
};
// Add event listeners
ws.addEventListener(WebsocketEvent.open, () => console.log("opened!"));
ws.addEventListener(WebsocketEvent.close, () => console.log("closed!"));
ws.addEventListener(WebsocketEvent.message, echoOnMessage);
This will demonstrate how to use websocket-ts
in your project using the provided WebsocketBuild
-class.
For a more detailed description of the API, please refer to the API Documentation.
Create a new instance with the WebsocketBuilder
:
const ws = new WebsocketBuilder("ws://localhost:42421").build();
There are six events which can be subscribed to through with event listeners:
export enum WebsocketEvent {
open = "open", // Connection opened
close = "close", // Connection closed
error = "error", // Error-induced closure
message = "message", // Message received
retry = "retry", // Reconnect attempt
reconnect = "reconnect" // Successful reconnect
}
Event listeners receive the websocket instance (i
) and the triggering event (ev
) as arguments.
const ws = new WebsocketBuilder("ws://localhost:42421")
.onOpen((i, ev) => console.log("opened"))
.onClose((i, ev) => console.log("closed"))
.onError((i, ev) => console.log("error"))
.onMessage((i, ev) => console.log("message"))
.onRetry((i, ev) => console.log("retry"))
.onReconnect((i, ev) => console.log("reconnect"))
.build();
To unregister a specific event listener, use removeEventListener
:
let ws: Websocket
/* ... */
ws.removeEventListener(WebsocketEvent.open, openEventListener);
Use the send
method to send a message to the server:
let ws: Websocket;
/* ... */
ws.send("Hello World!");
If you'd like the websocket to automatically reconnect upon disconnection, you can optionally provide a Backoff
strategy.
This sets the delay between reconnection attempts. There are three built-in Backoff
implementations, or you can create
your own by implementing the Backoff
interface. If no Backoff is provided, the websocket will not attempt to reconnect.
The ConstantBackoff
strategy enforces a fixed delay between each reconnection attempt.
To set a constant 1-second wait time, use:
const ws = new WebsocketBuilder("ws://localhost:42421")
.withBackoff(new ConstantBackoff(1000)) // 1000ms = 1s
.build();
The LinearBackoff
strategy increases the delay between reconnection attempts linearly,
up to an optional maximum. For example, to start with a 0-second delay and increase by
10 second for each retry, capping at 60 seconds, use:
const ws = new WebsocketBuilder("ws://localhost:42421")
.withBackoff(new LinearBackoff(0, 10000, 60000)) // 0ms, 10s, 20s, 30s, 40s, 50s, 60s
.build();
The ExponentialBackoff
strategy doubles the delay between each reconnection attempt, up
to a specified maximum. This approach is inspired by the binary exponential backoff algorithm
commonly used in networking. For example, to generate a backoff series like [1s, 2s, 4s, 8s]
, use:
const ws = new WebsocketBuilder("ws://localhost:42421")
.withBackoff(new ExponentialBackoff(1000, 6)) // 1s, 2s, 4s, 8s, 16s, 32s, 64s
.build();
To buffer outgoing messages when the websocket is disconnected, you can optionally specify
a Queue
. This queue will temporarily store your messages and send them in sequence when
the websocket (re)connects. Two built-in Queue
implementations are available, or you can
create your own by implementing the Queue
interface. If no queue is provided, messages
won't be buffered.
The RingQueue
is a fixed-capacity, first-in-first-out (FIFO) queue. When it reaches capacity,
the oldest element is removed to accommodate new ones. Reading from the queue returns and
removes the oldest element. For instance, to set up a RingQueue
with a 100-element capacity,
use:
const ws = new WebsocketBuilder("ws://localhost:42421")
.withBuffer(new RingQueue(100))
.build();
The ArrayQueue offers an unbounded capacity, functioning as a first-in-first-out (FIFO) queue.
Reading from this queue returns and removes the oldest element. To use an ArrayQueue
, use:
const ws = new WebsocketBuilder("ws://localhost:42421")
.withBuffer(new ArrayQueue())
.build();
To compile the project, execute npm run build
. The codebase includes unit tests for all
components. To run these tests, use npm run test
.
FAQs
<img src="https://github.com/jjxxs/websocket-ts
The npm package websocket-ts receives a total of 4,565 weekly downloads. As such, websocket-ts popularity was classified as popular.
We found that websocket-ts demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.