
@f8n/openzeppelin-upgrades
JavaScript library for the OpenZeppelin smart contract platform
OpenZeppelin SDK is a platform to develop, deploy and operate smart contract projects on Ethereum and every other EVM and eWASM-powered blockchain.
This is the repository for the OpenZeppelin SDK JavaScript library. It is mainly used by the openzeppelin-sdk command-line interface, which is the recommended way to use the OpenZeppelin SDK; but this library can also be used directly to operate projects when a programmatic interface is preferred or more flexibility and lower-level access is required.
First, install Node.js and npm. Then install the OpenZeppelin SDK JavaScript library by running:

```sh
npm install @openzeppelin/upgrades
```
Suppose there is a contract called MyContractV0 in the file contracts/MyContractV0.sol, already compiled to build/contracts/MyContractV0.json, and that there is a development blockchain network running locally on port 8545.
Open a Node.js console:

```sh
node
```

```js
const Web3 = require('web3');
const { Contracts, ProxyAdminProject, ZWeb3 } = require('@openzeppelin/upgrades');

async function main() {
  // Create web3 provider and initialize OpenZeppelin upgrades
  const web3 = new Web3('http://localhost:8545');
  ZWeb3.initialize(web3.currentProvider);

  // Create an OpenZeppelin project
  const [from] = await ZWeb3.eth.getAccounts();
  const project = new ProxyAdminProject('MyProject', null, null, { from, gas: 1e6, gasPrice: 1e9 });

  // Deploy an instance of MyContractV0
  console.log('Creating an upgradeable instance of v0...');
  const MyContractV0 = Contracts.getFromLocal('MyContractV0');
  const instance = await project.createProxy(MyContractV0, { initArgs: [42] });
  const address = instance.options.address;
  console.log(`Contract created at ${address}`);

  // And check its initial value
  const initialValue = await instance.methods.value().call();
  console.log(`Initial value is ${initialValue.toString()}\n`);

  // Upgrade it to V1
  console.log('Upgrading to v1...');
  const MyContractV1 = Contracts.getFromLocal('MyContractV1');
  const instanceV1 = await project.upgradeProxy(instance.options.address, MyContractV1);
  console.log(`Contract upgraded at ${instanceV1.options.address}`);

  // And check its new `add` method, note that we use instanceV1 since V0 has no `add` in its ABI
  await instanceV1.methods.add(10).send({ from, gas: 1e5, gasPrice: 1e9 });
  const newValue = await instance.methods.value().call();
  console.log(`Updated value is ${newValue.toString()}\n`);
}

main();
```
If you find a security issue, please contact us at security@openzeppelin.com. We give rewards for reported issues, according to impact and severity.
To contribute, join our community channel on Telegram where you can talk to all the OpenZeppelin developers, contributors, partners and users.
You can also follow the recent developments of the project in our blog and Twitter account.
MIT © OpenZeppelin
We found that @f8n/openzeppelin-upgrades demonstrated an unhealthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.