![Malicious npm Package Typosquats react-login-page to Deploy Keylogger](https://cdn.sanity.io/images/cgdhsj6q/production/007b21d9cf9e03ae0bb3f577d1bd59b9d715645a-1024x1024.webp?w=400&fit=max&auto=format)
Research
Security News
Malicious npm Package Typosquats react-login-page to Deploy Keylogger
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
@chain-registry/client
Advanced tools
Readme
A Client for chain-registry
that allows you to dynamically fetch data.
import { ChainRegistryFetcher, ChainRegistryFetcherOptions } from '@chain-registry/client';
const options: ChainRegistryFetcherOptions = {
urls: [
'https://raw.githubusercontent.com/cosmos/chain-registry/master/osmosis/chain.json',
'https://raw.githubusercontent.com/cosmos/chain-registry/master/osmosis/assetlist.json',
'https://raw.githubusercontent.com/cosmos/chain-registry/master/juno/assetlist.json',
'https://raw.githubusercontent.com/cosmos/chain-registry/master/secretnetwork/assetlist.json',
'https://raw.githubusercontent.com/cosmos/chain-registry/master/_IBC/juno-osmosis.json',
'https://raw.githubusercontent.com/cosmos/chain-registry/master/_IBC/osmosis-secretnetwork.json'
]
};
const registry = new ChainRegistryFetcher(options);
await registry.fetchUrls();
We currently only support fetching JSON schemas as defined in https://github.com/cosmos/chain-registry. Supported are assetlist.schema.json
, chain.schema.json
and ibc_data.schema.json
.
You can set the ChainRegistry.urls
property and call ChainRegistry.fetchUrls()
registry.urls = [
// urls to fetch
];
await registry.fetchUrls();
Or, you can simply call ChainRegistry.fetch()
await registry.fetch('https://some-json-schema.com/some-schema.json');
You can get generated asset lists directly from the registry:
// generated asset lists
const generated: AssetList[] = registry.getGeneratedAssetLists('osmosis');
You can get generated AssetList[]
objects directly from the ChainRegistry
via the assetLists
method:
// you can also get generated assets from ChainInfo object
const chainInfo: Chain = registry.getChainInfo('osmosis');
const generatedAssets: AssetList[] = chainInfo.assetLists;
You can get Chain
object directly from the ChainRegistry
via the getChain
method:
// get Chain from registry
const chain: Chain = registry.getChain('osmosis');
or get the ChainInfo
object:
const chainInfo: ChainInfo = registry.getChainInfo('osmosis');
// AssetList[] of the generated assets
const assets: AssetList[] = chainInfo.assetLists;
// Chain
const chain: Chain = chainInfo.chain;
// Native asset list
const nativeAssetList: AssetList = chainInfo.nativeAssetList;
Checkout these related projects:
🛠 Built by Cosmology — if you like our tools, please consider delegating to our validator ⚛️
FAQs
Unknown package
We found that @chain-registry/client demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
Security News
The JavaScript community has launched the e18e initiative to improve ecosystem performance by cleaning up dependency trees, speeding up critical parts of the ecosystem, and documenting lighter alternatives to established tools.
Product
Socket now supports four distinct alert actions instead of the previous two, and alert triaging allows users to override the actions taken for all individual alerts.