Security News
Supply Chain Attack Detected in Solana's web3.js Library
A supply chain attack has been detected in versions 1.95.6 and 1.95.7 of the popular @solana/web3.js library.
github.com/bittorrent/go-unixfs
go-unixfs implements unix-like filesystem utilities on top of an ipld merkledag
This package contains many subpackages, each of which can be very large on its own.
The top level unixfs package defines the unixfs format datastructures, and some helper methods around it.
The importer
subpackage is what you'll use when you want to turn a normal file into a unixfs file.
The io
subpackage provides helpers for reading files and manipulating directories. The DagReader
takes a
reference to a unixfs file and returns a file handle that can be read from and seeked through. The Directory
interface allows you to easily read items in a directory, add items to a directory, and do lookups.
The mod
subpackage implements a DagModifier
type that can be used to write to an existing unixfs file, or
create a new one. The logic for this is significantly more complicated than for the dagreader, so its a separate
type. (TODO: maybe it still belongs in the io
subpackage though?)
The hamt
subpackage implements a CHAMP hamt that is used in unixfs directory sharding.
The archive
subpackage implements a tar
importer and exporter. The objects created here are not officially unixfs,
but in the future, this may be integrated more directly.
The test
subpackage provides several utilities to make testing unixfs related things easier.
go get github.com/bittorrent/go-unixfs
PRs are welcome!
Small note: If editing the Readme, please conform to the standard-readme specification.
MIT © Bittorrent
FAQs
Unknown package
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
A supply chain attack has been detected in versions 1.95.6 and 1.95.7 of the popular @solana/web3.js library.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.