Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
A package for interacting with the FreeAgent accounting software.
Mainly made for personal use, but sharing it here because... well, why not? :-)
Currently only invoice related functionality is available. Other features are likely to be added in time.
pip install freeagent_api
import freeagent_api
api = freeagent_api.ApiClient(
client_id = '<client id from dev.freeagent.com>',
client_secret = '<client secret from dev.freeagent.com>',
use_sandbox = True,
)
# Load a serialised token from wherever you store them here
api.serialised_token = your_storage.get_token() # Implement this yourself
# or ask the user to authorise access to their account
api.do_auth()
# Get some basic info about the authenticated user
user = api.get_user()
company = api.get_company()
print(f"{user.fullname} works for {company.name}")
print()
# Find unpaid invoices
for invoice in api.get_invoices(status = "open_or_overdue"):
print(f"Invoice {invoice.reference} for {invoice.currency} {invoice.total_value} is unpaid")
# Store the authentication token for later use
storage.set_token(api.serialised_token) # Implement this yourself
This will, assuming appropriate invoices exist, display something along the lines of:
Tim the Enchanter works for Arthurian Enchanters Ltd
Invoice ART01 for GBP 112.15 is unpaid
Invoice ART02 for USD 245.10 is unpaid
Invoice RBT01 for GBP 2.50 is unpaid
See FreeAgent's official API documentation for the basic fields in each object. In addition to those, the following properties and methods are available:
address(include_country = True)
returns the full address of the authorised
user's company as a multiline string.address(include_country = True)
returns the full address of the contact
as a multiline string.fullname
returns the first and last name of the contact (if defined) as a
single string.name
returns the name to use on invoices. This will either be the
contact's full name or company name, depending on which is defined and the
contact_name_on_invoices setting for the contact.fullname
returns the first and last name of the authorised user as a
single string.Repository ison is adapted from 'accounting' by Vectors Market from Noun Project (CC BY 3.0), with the currency symbol replaced.
FAQs
Interface to the FreeAgent accounting software API
We found that freeagent-api demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.