Security News
RubyGems.org Adds New Maintainer Role
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
@bitski/provider-engine
Advanced tools
[![Greenkeeper badge](https://badges.greenkeeper.io/MetaMask/provider-engine.svg)](https://greenkeeper.io/)
Web3 ProviderEngine is a tool for composing your own web3 providers.
Built to be modular - works via a stack of 'sub-providers' which are like normal web3 providers but only handle a subset of rpc methods.
The subproviders can emit new rpc requests in order to handle their own; e.g. eth_call
may trigger eth_getAccountBalance
, eth_getCode
, and others.
The provider engine also handles caching of rpc request results.
const ProviderEngine = require('web3-provider-engine')
const CacheSubprovider = require('web3-provider-engine/subproviders/cache.js')
const FixtureSubprovider = require('web3-provider-engine/subproviders/fixture.js')
const FilterSubprovider = require('web3-provider-engine/subproviders/filters.js')
const VmSubprovider = require('web3-provider-engine/subproviders/vm.js')
const HookedWalletSubprovider = require('web3-provider-engine/subproviders/hooked-wallet.js')
const NonceSubprovider = require('web3-provider-engine/subproviders/nonce-tracker.js')
const RpcSubprovider = require('web3-provider-engine/subproviders/rpc.js')
var engine = new ProviderEngine()
var web3 = new Web3(engine)
// static results
engine.addProvider(new FixtureSubprovider({
web3_clientVersion: 'ProviderEngine/v0.0.0/javascript',
net_listening: true,
eth_hashrate: '0x00',
eth_mining: false,
eth_syncing: true,
}))
// cache layer
engine.addProvider(new CacheSubprovider())
// filters
engine.addProvider(new FilterSubprovider())
// pending nonce
engine.addProvider(new NonceSubprovider())
// vm
engine.addProvider(new VmSubprovider())
// id mgmt
engine.addProvider(new HookedWalletSubprovider({
getAccounts: function(cb){ ... },
approveTransaction: function(cb){ ... },
signTransaction: function(cb){ ... },
}))
// data source
engine.addProvider(new RpcSubprovider({
rpcUrl: 'https://testrpc.metamask.io/',
}))
// log new blocks
engine.on('block', function(block){
console.log('================================')
console.log('BLOCK CHANGED:', '#'+block.number.toString('hex'), '0x'+block.hash.toString('hex'))
console.log('================================')
})
// network connectivity error
engine.on('error', function(err){
// report connectivity errors
console.error(err.stack)
})
// start polling for blocks
engine.start()
When importing in webpack:
import * as Web3ProviderEngine from 'web3-provider-engine';
import * as RpcSource from 'web3-provider-engine/subproviders/rpc';
import * as HookedWalletSubprovider from 'web3-provider-engine/subproviders/hooked-wallet';
The Ethereum JSON RPC was not designed to have one node service many clients. However a smaller, lighter subset of the JSON RPC can be used to provide the blockchain data that an Ethereum 'zero-client' node would need to function. We handle as many types of requests locally as possible, and just let data lookups fallback to some data source ( hosted rpc, blockchain api, etc ). Categorically, we don’t want / can’t have the following types of RPC calls go to the network:
dist
from git (but published in npm module)dist/es5
hooked-wallet-ethtx
message signinghooked-wallet
default txParamseth-block-tracker
@2.0.0eth-block-tracker
.personalRecoverSigner
to recoverPersonalSignature
pollingShouldUnref
option now defaults to falseFAQs
Bitski's ProviderEngine is a refactored version of Metamask's original provider engine library. This is the base of the Bitski Javascript SDKs (both browser and node).
The npm package @bitski/provider-engine receives a total of 57 weekly downloads. As such, @bitski/provider-engine popularity was classified as not popular.
We found that @bitski/provider-engine demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.
Security News
Research
Socket's threat research team has detected five malicious npm packages targeting Roblox developers, deploying malware to steal credentials and personal data.