
Research
/Security News
DuckDB npm Account Compromised in Continuing Supply Chain Attack
Ongoing npm supply chain attack spreads to DuckDB: multiple packages compromised with the same wallet-drainer malware.
@aeternity/contract-builder
Advanced tools
This package simplifies contract preparation to be used in production by providing:
.aes
files directly to JavaScript modules;ae-contract-builder
to be used if webpack is not available or not configurable.Firstly, you need to add this package to your project
$ npm install @aeternity/contract-builder --save-dev
To use aesophia_cli
(enabled by default), escript
needs to be available in PATH.
Add the loader to your webpack
config. For example:
webpack.config.js
module.exports = {
module: {
rules: [{
+ test: /\.aes$/,
+ use: [{
+ loader: `@aeternity/contract-builder`,
+ options: {
+ compilerType: 'http', // or 'cli'
+ compilerPath: './foo/aesophia_cli',
+ compilerUrl: 'http://localhost:3080/',
+ // the above is optional, uses CLI compiler by default
+ },
}],
}],
},
};
And run webpack
via your preferred method.
To build a smart contract into JavaScript module use
$ npx ae-contract-builder <path-to-contract-source.aes>
Also, you can add --watch
flag to watch for smart contract changes, specify multiple contracts one by one, or add this script to package.json
.
The output file will be located in the same directory with .js
extension instead of .aes
.
In both cases, you would get a Contract's child class with inlined ACI and compiled bytecode. It can be used the same as Contract
class but not needed to provide aci
, bytecode
, or sourceCode
.
import MyContract from './MyContract.aes';
// or import MyContract.js in case using ae-contract-builder
const myContract = await MyContract.initialize(aeSdk._getOptions());
await myContract.$deploy()
await myContract.foo('arg1', 'arg2')
We keep our Changelog up to date.
FAQs
Sophia smart contracts builder
The npm package @aeternity/contract-builder receives a total of 0 weekly downloads. As such, @aeternity/contract-builder popularity was classified as not popular.
We found that @aeternity/contract-builder demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
/Security News
Ongoing npm supply chain attack spreads to DuckDB: multiple packages compromised with the same wallet-drainer malware.
Security News
The MCP Steering Committee has launched the official MCP Registry in preview, a central hub for discovering and publishing MCP servers.
Product
Socket’s new Pull Request Stories give security teams clear visibility into dependency risks and outcomes across scanned pull requests.