Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
3scale-3scale_ws_api_for_ruby
Advanced tools
= Interface for 3scale web service API monitoring system
This plugin provides interface for communication with 3scale monitoring system.
== Configuration
If you are using rails 2.1 or newer, put this into your config/environment.rb file:
config.gem "3scale_interface"
If you are using older version, put there this instead:
require "3scale_interface"
== Usage
First, create new interface object with 3scale backed hostname and Your private authentication key:
interface = ThreeScale::Interface.new(backend_host, provider_key)
You can find the backend hostname on http://www.3scale.net/support/api.
Because the object is stateless, you can create just one and store it globally.
Then for each request to Your service:
transaction = interface.start(user_key, 'hits' => 1, 'storage' => 42000)
This will return transaction data (if successful). It is a hash containing these fields:
:id:: transaction id necessary for confirmation or cancellation of transaction (see following steps).
:provider_verification_key:: the provider should send this key back to user so he/she can verify the authenticity of the response.
:contract_name:: name of contract the user is signed for. This can be used to send different response according to contract type, if that is desired.
2a. If the processing was successful: Call +confirm+:
interface.confirm(transaction[:id])
Or call it with actual resource usage, if it differs from predicted one:
interface.confirm(transaction[:id], 'hits' => 1, 'storage' => 40500)
2b. If there was some error, call +cancel+:
interface.cancel(transaction[:id])
== Legal:
Copyright (c) 2008 3scale networks S.L., released under the MIT license.
FAQs
Unknown package
We found that 3scale-3scale_ws_api_for_ruby demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.