Vulnerabilities

DepShield reports that this application's usage of set-value:2.0.0 results in the following vulnerability(s):

• (CVSS 7.5) CWE-400: Uncontrolled Resource Consumption ('Resource Exhaustion')

Occurrences

set-value:2.0.0 is a transitive dependency introduced by the following direct dependency(s):

• docsify-cli:4.3.0
        └─ livereload:0.7.0
              └─ chokidar:1.7.0
                    └─ readdirp:2.2.1
                          └─ micromatch:3.1.10
                                └─ snapdragon:0.8.2
                                      └─ base:0.11.2
                                            └─ cache-base:1.0.1
                                                  └─ set-value:2.0.0

_{This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.}

Vulnerabilities

DepShield reports that this application's usage of q:1.5.1 results in the following vulnerability(s):

• (CVSS 7.5) CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Occurrences

q:1.5.1 is a transitive dependency introduced by the following direct dependency(s):

• standard-version:4.2.0
        └─ conventional-changelog:1.1.24
              └─ conventional-changelog-angular:1.6.6
                    └─ q:1.5.1
              └─ conventional-changelog-atom:0.2.8
                    └─ q:1.5.1
              └─ conventional-changelog-codemirror:0.3.8
                    └─ q:1.5.1
              └─ conventional-changelog-core:2.0.11
                    └─ q:1.5.1
              └─ conventional-changelog-ember:0.3.12
                    └─ q:1.5.1
              └─ conventional-changelog-eslint:1.0.9
                    └─ q:1.5.1
              └─ conventional-changelog-express:0.3.6
                    └─ q:1.5.1
              └─ conventional-changelog-jquery:0.1.0
                    └─ q:1.5.1
              └─ conventional-changelog-jscs:0.1.0
                    └─ q:1.5.1
              └─ conventional-changelog-jshint:0.3.8
                    └─ q:1.5.1

_{This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.}

I am getting an exception when called a SnapShotFullAsync on coin Id 33639 and a few others

This is the line of code im calling that triggeres the exception
CryptoCompare.CoinSnapshotFullData coinInfo = CryptoCompareClient.Instance.Coins.SnapshotFullAsync(33639).Result.Data;

The exception has to do with the UnixTimeConverter.
Here is the full exception:

Hi!

Could you clarify (and possibly add more description to read.me file if you want) what is actually the purpose of the library. It's not quite clear what should it compare, compare to what and what are the sources of the data.

Thanks!

Tried to consume the Cardano snapshot full : https://www.cryptocompare.com/api/data/coinsnapshotfullbyid?id=321992

The value : "StartDate":"01/01/0001" is not handled by the deserialization.

✨ Feature request

Add a string field to the CoinInfo to allow retrieving smart contract address when available

📝 Description

Currently, the field doesn't exist so the JSON data is not deserialized into the CoinInfo object

Describe the solution you'd like

Simply add a string field with the correct name on the class

Describe alternatives you've considered

Nothing really, apart from setting the field to null when the API returns "N/A", but this is not done anywhere else in the code

I've installed the package via Nuget, Please update README.md file with net core usage examples. Thank you.

Vulnerabilities

DepShield reports that this application's usage of debug:2.6.9 results in the following vulnerability(s):

• (CVSS 7.5) CWE-400: Uncontrolled Resource Consumption ('Resource Exhaustion')

Occurrences

debug:2.6.9 is a transitive dependency introduced by the following direct dependency(s):

• docsify-cli:4.3.0
        └─ connect:3.6.6
              └─ debug:2.6.9
              └─ finalhandler:1.1.0
                    └─ debug:2.6.9
        └─ docsify-server-renderer:4.8.6
              └─ debug:2.6.9
        └─ livereload:0.7.0
              └─ chokidar:1.7.0
                    └─ fsevents:1.2.4
                          └─ node-pre-gyp:0.10.0
                                └─ needle:2.2.0
                                      └─ debug:2.6.9
                    └─ readdirp:2.2.1
                          └─ micromatch:3.1.10
                                └─ extglob:2.0.4
                                      └─ expand-brackets:2.1.4
                                            └─ debug:2.6.9
                                └─ snapdragon:0.8.2
                                      └─ debug:2.6.9
        └─ serve-static:1.13.2
              └─ send:0.16.2
                    └─ debug:2.6.9

_{This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.}

Vulnerabilities

DepShield reports that this application's usage of lodash.templatesettings:4.1.0 results in the following vulnerability(s):

• (CVSS 7.4) CWE-471: Modification of Assumed-Immutable Data (MAID)

Occurrences

lodash.templatesettings:4.1.0 is a transitive dependency introduced by the following direct dependency(s):

• standard-version:4.2.0
        └─ conventional-recommended-bump:1.2.1
              └─ git-raw-commits:1.3.6
                    └─ lodash.template:4.4.0
                          └─ lodash.templatesettings:4.1.0

_{This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.}

Vulnerabilities

DepShield reports that this application's usage of lodash._reinterpolate:3.0.0 results in the following vulnerability(s):

• (CVSS 7.4) CWE-471: Modification of Assumed-Immutable Data (MAID)

Occurrences

lodash._reinterpolate:3.0.0 is a transitive dependency introduced by the following direct dependency(s):

• standard-version:4.2.0
        └─ conventional-recommended-bump:1.2.1
              └─ git-raw-commits:1.3.6
                    └─ lodash.template:4.4.0
                          └─ lodash._reinterpolate:3.0.0
                          └─ lodash.templatesettings:4.1.0
                                └─ lodash._reinterpolate:3.0.0

_{This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.}

Vulnerabilities

DepShield reports that this application's usage of lodash.template:4.4.0 results in the following vulnerability(s):

• (CVSS 7.4) CWE-471: Modification of Assumed-Immutable Data (MAID)

Occurrences

lodash.template:4.4.0 is a transitive dependency introduced by the following direct dependency(s):

• standard-version:4.2.0
        └─ conventional-recommended-bump:1.2.1
              └─ git-raw-commits:1.3.6
                    └─ lodash.template:4.4.0

_{This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.}

SnapshotAsync doesn't work "This has been moved to https://min-api.cryptocompare.com/data/top/exchanges/full"

Vulnerabilities

DepShield reports that this application's usage of braces:1.8.5 results in the following vulnerability(s):

• (CVSS 7.5) CWE-400: Uncontrolled Resource Consumption ('Resource Exhaustion')

Occurrences

braces:1.8.5 is a transitive dependency introduced by the following direct dependency(s):

• commitizen:3.0.5
        └─ find-node-modules:1.0.4
              └─ findup-sync:0.4.2
                    └─ micromatch:2.3.11
                          └─ braces:1.8.5

_{This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.}

Hello
I can see you did the 'Streamer subscription channels'. Is it for realtime trades?
I couldn't find the function in CryptoCompareClient class or its members.

✨ Feature request

The Multiple Symbols Full Data Api return object (CoinFullAggregatedDataDisplay) is missing some members like

• VolumeHour
• VolumeHourTo
• OpenHour
• OpenHourTo
• LowHour
• ImageUrl

Can you include them.

Thank you for providing this library for people to use. I found a problem with the serialization of CandleData.

To reproduce in C#:

var date = new DateTimeOffset(2018, 6, 15, 0, 0, 0, new TimeSpan(0, 0, 0));  
var hist = await CryptoCompareClient.Instance.History.HourAsync("BTC", "USD", 2, "Coinbase", date); 
var json = Newtonsoft.Json.JsonConvert.SerializeObject(data); //exception thrown

The issue is here:

I'm assuming it's only a minor amount of work needed. Would the project maintainer prefer I submit a PR or will they handle it on their own?

When HistoricalForTimestampAsync is called for less known coins, 0 is returned, it works fine for popular coins such as BTC and LTC

When running the history client I noticed that I was getting an exception that said alldata was not a boolean value. What I noticted was bool?.ToString() was True. Added ToLower() and the parameter is now valid. I also got exceptions when testing other parameters on the same method also.

Vulnerabilities

DepShield reports that this application's usage of marked:0.5.2 results in the following vulnerability(s):

• (CVSS 7.5) CWE-400: Uncontrolled Resource Consumption ('Resource Exhaustion')
• (CVSS 7.5) CWE-400: Uncontrolled Resource Consumption ('Resource Exhaustion')

Occurrences

marked:0.5.2 is a transitive dependency introduced by the following direct dependency(s):

• docsify-cli:4.3.0
        └─ docsify:4.8.6
              └─ marked:0.5.2

_{This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.}

Vulnerabilities

DepShield reports that this application's usage of lodash.map:4.6.0 results in the following vulnerability(s):

• (CVSS 7.4) CWE-471: Modification of Assumed-Immutable Data (MAID)

Occurrences

lodash.map:4.6.0 is a transitive dependency introduced by the following direct dependency(s):

• cz-conventional-changelog:2.1.0
        └─ lodash.map:4.6.0

_{This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.}

Vulnerabilities

DepShield reports that this application's usage of tar:4.4.1 results in the following vulnerability(s):

• (CVSS 7.5) [CVE-2018-20834] Improper Link Resolution Before File Access ("Link Following")
• (CVSS 7.5) CWE-62: UNIX Hard Link

Occurrences

tar:4.4.1 is a transitive dependency introduced by the following direct dependency(s):

• docsify-cli:4.3.0
        └─ livereload:0.7.0
              └─ chokidar:1.7.0
                    └─ fsevents:1.2.4
                          └─ node-pre-gyp:0.10.0
                                └─ tar:4.4.1

_{This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.}

Vulnerabilities

DepShield reports that this application's usage of set-value:0.4.3 results in the following vulnerability(s):

• (CVSS 7.5) CWE-400: Uncontrolled Resource Consumption ('Resource Exhaustion')

Occurrences

set-value:0.4.3 is a transitive dependency introduced by the following direct dependency(s):

• docsify-cli:4.3.0
        └─ livereload:0.7.0
              └─ chokidar:1.7.0
                    └─ readdirp:2.2.1
                          └─ micromatch:3.1.10
                                └─ snapdragon:0.8.2
                                      └─ base:0.11.2
                                            └─ cache-base:1.0.1
                                                  └─ union-value:1.0.0
                                                        └─ set-value:0.4.3

_{This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.}

hi,

how show list of all coins???

regards

Vulnerabilities

DepShield reports that this application's usage of lodash:4.17.11 results in the following vulnerability(s):

• (CVSS 9.8) [CVE-2019-10744] Versions of lodash lower than 4.17.12 are vulnerable to Prototype Pollution. The...
• (CVSS 9.6) CWE-506: Embedded Malicious Code

Occurrences

lodash:4.17.11 is a transitive dependency introduced by the following direct dependency(s):

• all-contributors-cli:5.4.1
        └─ inquirer:4.0.2
              └─ lodash:4.17.11
        └─ async:2.6.1
              └─ lodash:4.17.11
        └─ lodash:4.17.11

• commitizen:3.0.5
        └─ inquirer:6.2.0
              └─ lodash:4.17.11
        └─ lodash:4.17.11

• docsify-cli:4.3.0
        └─ docsify:4.8.6
              └─ opencollective:1.0.3
                    └─ inquirer:3.0.6
                          └─ lodash:4.17.11

• standard-version:4.2.0
        └─ conventional-changelog:1.1.24
              └─ conventional-changelog-core:2.0.11
                    └─ conventional-changelog-writer:3.0.9
                          └─ lodash:4.17.11
                    └─ lodash:4.17.11
        └─ conventional-recommended-bump:1.2.1
              └─ conventional-commits-parser:2.1.7
                    └─ lodash:4.17.11

_{This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.}

✨ Feature request

Add a possibility to throttle request to CryptoCompare.com API

📝 Description

The aim of this new feature is to allow users to remain below the maximum number of requests per second imposed by CryptoCompare.com when using their API.
For instance the free key I am using restricts the user to less than 10 requests per second.

Describe the solution you'd like

Please look at this draft solution:
master...monsieurleberre:throttle

I am happy to add some unit tests showing that the queries are delayed, however that will require mocking the wrapped HttpClient and therefore the introduction of the IHttpClientFactory interface (cf https://gingter.org/2018/07/26/how-to-mock-httpclient-in-your-net-c-unit-tests/). I felt that was a bit too much for this proposal but let me know if this is required.

Describe alternatives you've considered

For a more re-usable solution, I think we could also introduce a generic type that would wrap the type containing the method being throttled and take a Function in its constructor (the call that needs to be throttled). I think this might be an overkill here though.