Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@bufbuild/connect
Advanced tools
Connect is a family of libraries for building type-safe APIs with different languages and platforms. @bufbuild/connect brings them to TypeScript, the web browser, and to Node.js.
With Connect, you define your schema first:
service ElizaService {
rpc Say(SayRequest) returns (SayResponse) {}
}
And with the magic of code generation, this schema produces servers and clients:
const answer = await eliza.say({sentence: "I feel happy."});
console.log(answer);
// {sentence: 'When you feel happy, what do you do?'}
Unlike REST, the RPCs you use with Connect are typesafe end to end, but they are
regular HTTP under the hood. You can see all requests in the network inspector,
and you can curl
them if you want:
curl \
--header 'Content-Type: application/json' \
--data '{"sentence": "I feel happy."}' \
https://demo.connectrpc.com/connectrpc.eliza.v1.ElizaService/Say
With Connect for ECMAScript, you can spin up a service in Node.js and call it from the web, the terminal, or native mobile clients. Under the hood, it uses Protocol Buffers for the schema, and implements RPC (remote procedure calls) with three protocols: The widely available gRPC and gRPC-web, and Connect's own protocol, optimized for the web. This gives you unparalleled interoperability with full-stack type-safety.
Follow our 10 minute tutorial where we use Vite and React to create a web interface for ELIZA.
React, Svelte, Vue, Next.js and Angular are supported (see examples), and we have an expansion pack for TanStack Query. We support all modern web browsers that implement the widely available fetch API and the Encoding API.
Follow our 10 minute tutorial to spin up a service in Node.js, and call it from the web, and from a gRPC client in your terminal.
You can use vanilla Node.js, or our server plugins for Fastify
or Express. We support the builtin http
, and http2
modules on Node.js v16 and later.
FAQs
Type-safe APIs with Protobuf and TypeScript.
The npm package @bufbuild/connect receives a total of 16,875 weekly downloads. As such, @bufbuild/connect popularity was classified as popular.
We found that @bufbuild/connect demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 10 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.