Research
/Security News
Shai Hulud Strikes Again (v2)
Another wave of Shai-Hulud campaign has hit npm with more than 500 packages and 700+ versions affected.
By Socket Research Team -  Nov 24, 2025
🚨 Shai-Hulud Strikes Again:More than 500 packages and 700+ versions compromised.Technical Analysis →
yboss
Artifacts are distributable versions of a package. It typically includes the source code and metadata
Advanced tools
yboss
= yboss
yboss is a ruby library for the Yahoo BOSS API (http://developer.yahoo.com/boss/search/)
== Usage
=== Configuration
require 'yboss'
YBoss::Config.instance.oauth_key = 'your consumer_key here' YBoss::Config.instance.oauth_secret = 'your consumer_secret here'
in case you need to use a proxy
YBoss::Config.instance.proxy = 'http://your.proxy-address.com:3128/'
=== Parameters
You may use the same parameter names that are documented in the Boss API Guide at http://developer.yahoo.com/boss/search/boss_api_guide/.
=== The web search service
res = YBoss.web('q' => 'tuscany')
res.responsecode
200 res.start 0 res.count 20 res.totalresults 576
res.items.each do |i| puts "#{i.url}: #{i.title}, #{i.abstract}" puts " date: #{i.date}" puts " clickurl: #{i.clickurl}" puts " dispurl: #{i.dispurl}" end
=== The limitedweb search service
res = YBoss.limitedweb('q' => 'tuscany')
The result has the same methods as the web result
=== The image search service
res = YBoss.images('q' => 'ford mustang')
res.responsecode
200 res.start 0 res.count 35 res.totalresults 19400
res.items.each do |i| puts "#{i.url}: #{i.title} (#{i.size}, #{i.format})" puts " size: #{i.width}x#{i.height}" puts " clickurl: #{i.clickurl}" puts " refererclickurl: #{i.refererclickurl}" puts " refererurl: #{i.refererurl}" puts " thumbnailheight: #{i.thumbnailheight}" puts " thumbnailurl: #{i.thumbnailurl}" end
=== The news search service
res = YBoss.news('q' => 'Mercedes Benz')
res.responsecode
200 res.start 0 res.count 50 res.totalresults 492
res.items.each do |i| puts "#{i.url}: #{i.title}" puts " abstract: #{i.abstract}" puts " clickurl: #{i.clickurl}" puts " language: #{i.language}" puts " date: #{Time.at(i.date)}" puts " source: #{i.source}" puts " sourceurl: #{i.sourceurl}" end
=== The blog search service
res = YBoss.blogs('q' => 'Mercedes Benz')
res.responsecode
200 res.start 0 res.count 20 res.totalresults 17016
res.items.each do |i| puts "#{i.dispurl}: #{i.title}" puts " abstract: #{i.abstract}" puts " clickurl: #{i.clickurl}" puts " keyterms: #{i.keyterms}" puts " date: #{i.date}" puts " author: #{i.author}" puts " icon: #{i.icon}" puts " score: #{i.score}" end
=== The spelling service
res = YBoss.spelling('q' => 'gruffaloe')
res.responsecode
200 res.start 0 res.count 1 res.totalresults 1
res.items.each do |i| puts i.suggestion end
=== The related [also try] service
res = YBoss.related('q' => 'gruffalo')
res.responsecode
200 res.start 0 res.count 4 res.totalresults 4
res.items.each do |i| puts i.suggestion end
== Contributing to yboss
- Check out the latest master to make sure the feature hasn't been implemented or the bug hasn't been fixed yet.
- Check out the issue tracker to make sure someone already hasn't requested it and/or contributed it.
- Fork the project.
- Start a feature/bugfix branch.
- Commit and push until you are happy with your contribution.
- Make sure to add tests for it. This is important so I don't break it in a future version unintentionally.
- Please try not to mess with the Rakefile, version, or history. If you want to have your own version, or is otherwise necessary, that is fine, but please isolate to its own commit so I can cherry-pick around it.
== Copyright
Copyright (c) 2013 Tobias Begalke. See LICENSE.txt for further details.
FAQs
Unknown package
We found that yboss demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 01 Apr 2015
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Product
Introducing Webhook Events for Alert Changes
Add real-time Socket webhook events to your workflows to automatically receive software supply chain alert changes in real time.
By Phil Gates-Idem -  Nov 21, 2025
Security News
ENISA Becomes a CVE Root, Expanding Its Role in Europe’s Vulnerability Ecosystem
ENISA has become a CVE Program Root, giving the EU a central authority for coordinating vulnerability reporting, disclosure, and cross-border response.
By Sarah Gooding -  Nov 21, 2025