Gathering detailed insights and metrics for mqtt-packet
Gathering detailed insights and metrics for mqtt-packet
Parse and generate MQTT packets like a breeze in JS
Installations
npm install mqtt-packetDeveloper
mqttjs
Developer Guide
BETA
Module System
CommonJS
Min. Node Version
Typescript Support
Yes
Node Version
20.18.0
NPM Version
10.8.2
Statistics
206 Stars
293 Commits
93 Forks
19 Watching
10 Branches
39 Contributors
Updated on 12 Nov 2024
Languages
JavaScript (100%)
Total Downloads
Cumulative downloads
Total Downloads
161,353,771
Last day
2.8%
219,770
Compared to previous day
Last week
10.2%
1,177,916
Compared to previous week
Last month
15.2%
4,455,786
Compared to previous month
Last year
35.7%
45,162,234
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
3
Dev Dependencies
5
Versions
mqtt-packet
Encode and Decode MQTT 3.1.1, 5.0 packets the node way.
This library is tested with node v6, v8, v10, v12 and v14. The last version to support older versions of node was mqtt-packet@4.1.2.
Installation
1npm install mqtt-packet --save
Examples
Generating
1const mqtt = require('mqtt-packet'); 2const object = { 3 cmd: 'publish', 4 retain: false, 5 qos: 0, 6 dup: false, 7 length: 10, 8 topic: 'test', 9 payload: 'test' // Can also be a Buffer 10}; 11const opts = { protocolVersion: 4 }; // default is 4. Usually, opts is a connect packet 12 13console.log(mqtt.generate(object)) 14// Prints: 15// 16// <Buffer 30 0a 00 04 74 65 73 74 74 65 73 74> 17// 18// Which is the same as: 19// 20// Buffer.from([ 21// 48, 10, // Header (publish) 22// 0, 4, // Topic length 23// 116, 101, 115, 116, // Topic (test) 24// 116, 101, 115, 116 // Payload (test) 25// ])
Parsing
1const mqtt = require('mqtt-packet'); 2const opts = { protocolVersion: 4 }; // default is 4. Usually, opts is a connect packet 3const parser = mqtt.parser(opts); 4 5// Synchronously emits all the parsed packets 6parser.on('packet', packet => { 7 console.log(packet) 8 // Prints: 9 // 10 // { 11 // cmd: 'publish', 12 // retain: false, 13 // qos: 0, 14 // dup: false, 15 // length: 10, 16 // topic: 'test', 17 // payload: <Buffer 74 65 73 74> 18 // } 19}) 20 21parser.parse(Buffer.from([ 22 48, 10, // Header (publish) 23 0, 4, // Topic length 24 116, 101, 115, 116, // Topic (test) 25 116, 101, 115, 116 // Payload (test) 26])) 27// Returns the number of bytes left in the parser
API
mqtt.generate(object, [opts])
Generates a Buffer containing an MQTT packet.
The object must be one of the ones specified by the packets
section. Throws an Error if a packet cannot be generated.
mqtt.writeToStream(object, stream, [opts])
Writes the mqtt packet defined by object to the given stream.
The object must be one of the ones specified by the packets
section. Emits an Error on the stream if a packet cannot be generated.
On node >= 0.12, this function automatically calls cork() on your stream,
and then it calls uncork() on the next tick.
By default cache for number buffers is enabled.
It creates a list of buffers for faster write. To disable cache set mqtt.writeToStream.cacheNumbers = false.
Should be set before any writeToStream calls.
mqtt.parser([opts])
Returns a new Parser object. Parser inherits from EventEmitter and
will emit:
packet, when a new packet is parsed, according to packetserror, if an error happens
Parser.parse(buffer)
Parses a given Buffer and emits synchronously all the MQTT packets that
are included. Returns the number of bytes left to parse.
If an error happens, an error event will be emitted, but no packet events
will be emitted after that. Calling parse() again clears the error and
previous buffer, as if you created a new Parser.
Packets
This section describes the format of all packets emitted by the Parser
and that you can input to generate.
Connect
1{ 2 cmd: 'connect', 3 protocolId: 'MQTT', // Or 'MQIsdp' in MQTT 3.1 and 5.0 4 protocolVersion: 4, // Or 3 in MQTT 3.1, or 5 in MQTT 5.0 5 clean: true, // Can also be false 6 clientId: 'my-device', 7 keepalive: 0, // Seconds which can be any positive number, with 0 as the default setting 8 username: 'matteo', 9 password: Buffer.from('collina'), // Passwords are buffers 10 will: { 11 topic: 'mydevice/status', 12 payload: Buffer.from('dead'), // Payloads are buffers 13 properties: { // MQTT 5.0 14 willDelayInterval: 1234, 15 payloadFormatIndicator: false, 16 messageExpiryInterval: 4321, 17 contentType: 'test', 18 responseTopic: 'topic', 19 correlationData: Buffer.from([1, 2, 3, 4]), 20 userProperties: { 21 'test': 'test' 22 } 23 } 24 }, 25 properties: { // MQTT 5.0 properties 26 sessionExpiryInterval: 1234, 27 receiveMaximum: 432, 28 maximumPacketSize: 100, 29 topicAliasMaximum: 456, 30 requestResponseInformation: true, 31 requestProblemInformation: true, 32 userProperties: { 33 'test': 'test' 34 }, 35 authenticationMethod: 'test', 36 authenticationData: Buffer.from([1, 2, 3, 4]) 37 } 38}
If protocolVersion is 3, clientId is mandatory and generate will throw if
missing.
If password or will.payload are passed as strings, they will
automatically be converted into a Buffer.
Connack
1{ 2 cmd: 'connack', 3 returnCode: 0, // Or whatever else you see fit MQTT < 5.0 4 sessionPresent: false, // Can also be true. 5 reasonCode: 0, // reason code MQTT 5.0 6 properties: { // MQTT 5.0 properties 7 sessionExpiryInterval: 1234, 8 receiveMaximum: 432, 9 maximumQoS: 2, 10 retainAvailable: true, 11 maximumPacketSize: 100, 12 assignedClientIdentifier: 'test', 13 topicAliasMaximum: 456, 14 reasonString: 'test', 15 userProperties: { 16 'test': 'test' 17 }, 18 wildcardSubscriptionAvailable: true, 19 subscriptionIdentifiersAvailable: true, 20 sharedSubscriptionAvailable: false, 21 serverKeepAlive: 1234, 22 responseInformation: 'test', 23 serverReference: 'test', 24 authenticationMethod: 'test', 25 authenticationData: Buffer.from([1, 2, 3, 4]) 26 } 27}
The only mandatory argument is returnCode, as generate will throw if
missing.
Subscribe
1{ 2 cmd: 'subscribe', 3 messageId: 42, 4 properties: { // MQTT 5.0 properties 5 subscriptionIdentifier: 145, 6 userProperties: { 7 test: 'test' 8 } 9 } 10 subscriptions: [{ 11 topic: 'test', 12 qos: 0, 13 nl: false, // no Local MQTT 5.0 flag 14 rap: true, // Retain as Published MQTT 5.0 flag 15 rh: 1 // Retain Handling MQTT 5.0 16 }] 17}
All properties are mandatory.
Suback
1{ 2 cmd: 'suback', 3 messageId: 42, 4 properties: { // MQTT 5.0 properties 5 reasonString: 'test', 6 userProperties: { 7 'test': 'test' 8 } 9 } 10 granted: [0, 1, 2, 128] 11}
All the granted qos must be < 256, as they are encoded as UInt8. All properties are mandatory.
Unsubscribe
1{ 2 cmd: 'unsubscribe', 3 messageId: 42, 4 properties: { // MQTT 5.0 properties 5 userProperties: { 6 'test': 'test' 7 } 8 } 9 unsubscriptions: [ 10 'test', 11 'a/topic' 12 ] 13}
All properties are mandatory.
Unsuback
1{ 2 cmd: 'unsuback', 3 messageId: 42, 4 properties: { // MQTT 5.0 properties 5 reasonString: 'test', 6 userProperties: { 7 'test': 'test' 8 } 9 } 10}
All properties are mandatory.
Publish
1{ 2 cmd: 'publish', 3 messageId: 42, 4 qos: 2, 5 dup: false, 6 topic: 'test', 7 payload: Buffer.from('test'), 8 retain: false, 9 properties: { // optional properties MQTT 5.0 10 payloadFormatIndicator: true, 11 messageExpiryInterval: 4321, 12 topicAlias: 100, 13 responseTopic: 'topic', 14 correlationData: Buffer.from([1, 2, 3, 4]), 15 userProperties: { 16 'test': 'test' 17 }, 18 subscriptionIdentifier: 120, // can be an Array in message from broker, if message included in few another subscriptions 19 contentType: 'test' 20 } 21}
Only the topic property is mandatory.
Both topic and payload can be Buffer objects instead of strings.
messageId is mandatory for qos > 0.
Puback
1{ 2 cmd: 'puback', 3 messageId: 42, 4 reasonCode: 16, // only for MQTT 5.0 5 properties: { // MQTT 5.0 properties 6 reasonString: 'test', 7 userProperties: { 8 'test': 'test' 9 } 10 } 11}
The only mandatory property is messageId, as generate will throw if
missing.
Pubrec
1{ 2 cmd: 'pubrec', 3 messageId: 42, 4 reasonCode: 16, // only for MQTT 5.0 5 properties: { // properties MQTT 5.0 6 reasonString: 'test', 7 userProperties: { 8 'test': 'test' 9 } 10 } 11}
The only mandatory property is messageId, as generate will throw if
missing.
Pubrel
1{ 2 cmd: 'pubrel', 3 messageId: 42, 4 reasonCode: 16, // only for MQTT 5.0 5 properties: { // properties MQTT 5.0 6 reasonString: 'test', 7 userProperties: { 8 'test': 'test' 9 } 10 } 11}
The only mandatory property is messageId, as generate will throw if
missing.
Pubcomp
1{ 2 cmd: 'pubcomp', 3 messageId: 42, 4 reasonCode: 16, // only for MQTT 5.0 5 properties: { // properties MQTT 5.0 6 reasonString: 'test', 7 userProperties: { 8 'test': 'test' 9 } 10 } 11}
The only mandatory property is messageId, as generate will throw if
missing.
Pingreq
1{ 2 cmd: 'pingreq' 3}
Pingresp
1{ 2 cmd: 'pingresp' 3}
Disconnect
1{ 2 cmd: 'disconnect', 3 reasonCode: 0, // MQTT 5.0 code 4 properties: { // properties MQTT 5.0 5 sessionExpiryInterval: 145, 6 reasonString: 'test', 7 userProperties: { 8 'test': 'test' 9 }, 10 serverReference: 'test' 11 } 12}
Auth
1{ 2 cmd: 'auth', 3 reasonCode: 0, // MQTT 5.0 code 4 properties: { // properties MQTT 5.0 5 authenticationMethod: 'test', 6 authenticationData: Buffer.from([0, 1, 2, 3]), 7 reasonString: 'test', 8 userProperties: { 9 'test': 'test' 10 } 11 } 12}
Contributing
mqtt-packet is an OPEN Open Source Project. This means that:
Individuals making significant and valuable contributions are given commit-access to the project to contribute as they see fit. This project is more like an open wiki than a standard guarded open source project.
See the CONTRIBUTING.md file for more details.
Contributors
mqtt-packet is only possible due to the excellent work of the following contributors:
| Matteo Collina | GitHub/mcollina | Twitter/@matteocollina |
|---|---|---|
| Adam Rudd | GitHub/adamvr | Twitter/@adam_vr |
| Peter Sorowka | GitHub/psorowka | Twitter/@psorowka |
| Siarhei Buntsevich | GitHub/scarry1992 |
License
MIT
Stable Version
The latest stable version of the package.
Stable Version
9.0.1
HIGH
6
HIGH
7.5/10
Summary
Improper Input Validation and Buffer Over-read in mqtt-packet
Affected Versions
>= 6.0.0, < 6.1.2
Patched Versions
6.1.2
HIGH
7.5/10
Summary
Improper Input Validation and Buffer Over-read in mqtt-packet
Affected Versions
>= 5.0.0, < 5.6.1
Patched Versions
5.6.1
HIGH
7.5/10
Summary
Improper Input Validation and Buffer Over-read in mqtt-packet
Affected Versions
>= 4.0.0, < 4.1.3
Patched Versions
4.1.3
HIGH
7.5/10
Summary
Improper Input Validation and Buffer Over-read in mqtt-packet
Affected Versions
< 3.5.1
Patched Versions
3.5.1
HIGH
0/10
Summary
Denial of Service in mqtt-packet
Affected Versions
>= 4.0.0, < 4.0.5
Patched Versions
4.0.5
HIGH
0/10
Summary
Denial of Service in mqtt-packet
Affected Versions
< 3.4.6
Patched Versions
3.4.6
Reason
no binaries found in the repo
Reason
no dangerous workflow patterns detected
Reason
0 existing vulnerabilities detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE.md:0
- Warn: project license file does not contain an FSF or OSI license.
Reason
Found 15/30 approved changesets -- score normalized to 5
Reason
dependency not pinned by hash detected -- score normalized to 2
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/mqttjs/mqtt-packet/ci.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/mqttjs/mqtt-packet/ci.yml/master?enable=pin
- Warn: npmCommand not pinned by hash: .github/workflows/ci.yml:23
- Info: 0 out of 2 GitHub-owned GitHubAction dependencies pinned
- Info: 1 out of 2 npmCommand dependencies pinned
Reason
1 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 1
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/ci.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 17 are checked with a SAST tool
Score
4.1
/10
Last Scanned on 2024-11-18
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More