Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
The xStation5 API Python library provides a simple and easy-to-use API for interacting with the xStation5 trading platform. With this library, you can connect to the xStation5 platform, retrieve market data, and execute trades.
This library may be used for BFB Capital and XTB xStation5 accounts.
API documentation: http://developers.xstore.pro/documentation
This xStation5 API Python library is not affiliated with, endorsed by, or in any way officially connected to the xStation5 trading platform or its parent company. The library is provided as-is and is not guaranteed to be suitable for any particular purpose. The use of this library is at your own risk, and the author(s) of this library will not be liable for any damages arising from the use or misuse of this library. Please refer to the license file for more information.
You can install xAPI using pip. Simply run the following command:
pip install xapi-python
To use xAPI, you will need to have an active account with the xStation5 trading platform. Once you have an account, you can use the xAPI library to connect to the platform and begin trading.
Here is an example of how to use the xAPI library to connect to the xStation5 platform:
import asyncio
import xapi
# Replace these values with your own credentials
CREDENTIALS = {
"accountId": "<your_client_id>",
"password": "<your_password>",
"host": "ws.xtb.com",
"type": "real",
"safe": True
}
async def main():
try:
# Create a new xAPI object and connect to the xStation5 platform
async with await xapi.connect(**CREDENTIALS) as x:
pass
except xapi.LoginFailed as e:
print(f"Log in failed: {e}")
except xapi.ConnectionClosed as e:
print(f"Connection closed: {e}")
if __name__ == "__main__":
asyncio.run(main())
Once you have connected to the platform, you can use the xAPI object to retrieve market data and execute trades.
Here is an example of how to subscribe to market data using the xAPI library:
import asyncio
import xapi
# Replace these values with your own credentials
CREDENTIALS = {
"accountId": "<your_client_id>",
"password": "<your_password>",
"host": "ws.xtb.com",
"type": "real",
"safe": True
}
async def main():
while True:
try:
async with await xapi.connect(**CREDENTIALS) as x:
# Subscribe for the current price of BITCOIN and ETHEREUM
await x.stream.getTickPrices("BITCOIN")
await x.stream.getTickPrices("ETHEREUM")
# Listen for coming price ticks
async for message in x.stream.listen():
print(message['data'])
except xapi.LoginFailed as e:
print(f"Log in failed: {e}")
return
except xapi.ConnectionClosed as e:
print(f"Connection closed: {e}, reconnecting ...")
await asyncio.sleep(1)
continue
if __name__ == "__main__":
try:
asyncio.run(main())
except KeyboardInterrupt:
pass
And here is an example of how to execute a trade using the xAPI library:
import asyncio
import xapi
from xapi import TradeCmd, TradeType, TradeStatus
# Replace these values with your own credentials
CREDENTIALS = {
"accountId": "<your_client_id>",
"password": "<your_password>",
"host": "ws.xtb.com",
"type": "real",
"safe": False
}
async def main():
try:
async with await xapi.connect(**CREDENTIALS) as x:
# Open a new trade for BITCOIN
response = await x.socket.tradeTransaction(
symbol="BITCOIN",
cmd=TradeCmd.BUY_LIMIT,
type=TradeType.OPEN,
price=10.00,
volume=1
)
if response['status'] == True:
print("Transaction sent to market")
else:
print("Failed to trade a transaction", response)
except xapi.LoginFailed as e:
print(f"Log in failed: {e}")
except xapi.ConnectionClosed as e:
print(f"Connection closed: {e}")
if __name__ == "__main__":
asyncio.run(main())
To run the examples for the xAPI library, you will need to have an account with the xStation5 trading platform.
Before running the examples, you should create a file called credentials.json in the project directory. This file should contain your account credentials, like this:
{
"accountId": "<your_client_id>",
"password": "<your_password>",
"host": "ws.xtb.com",
"type": "real",
"safe": false
}
Once you have created the credentials.json file, you can run an example using the following command:
python3 examples/get-margin-level.py
This will run all of the unit tests in the tests directory:
git clone https://github.com/pawelkn/xapi-python.git
cd xapi-python
python3 -m unittest discover tests
If you find the project beneficial and would like to support me, please consider showing your appreciation by buying me a coffee on Buy Me A Coffee
FAQs
The xStation5 API Python library
We found that xapi-python demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.