Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
By Socket Research Team - Dec 02, 2024
Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
@forest-fire/real-time-client
Advanced tools
A minimal abstraction over the Firebase client API
Basic Usage
Meant for frontend Javascript/Typescript apps which interact with Firebase's client API using the firebase client api.
import DB, { IFirebaseConfig } from "abstracted-client";
const config: IFirebaseClientConfig = {
apiKey: "ATzaSyDuimhvBmcV1zeTl4m1MphOgWnzS16QhBM",
authDomain: "my-app.firebaseapp.com",
databaseURL: "https://my-app.firebaseio.com",
projectId: "my-app",
storageBucket: "my-app.appspot.com",
messagingSenderId: "999999999999"
};
const db = new DB({ config });
// Get a list of records
const users = await db.getValue<IUser[]>("users");
// Push a new value onto a list
const company: ICompany = {
name: "Acme",
employees: 500
};
db.push<ICompany>("/companies", company);
Authentication
All of the authentication is done via the normal Firebase API for Auth which is accessible as auth off the DB class:
const db = new DB({ config });
const auth = db.auth;
Mocking
This library supports simple redirecting of all operations to the firemock mocking library; see related projects) and the "Mocking" section of the docs here for more details. In cases where mocking is being used, authentication (and security rights for paths) are not supported and therefore the above ENV variables are not required.
Documentation
Since this library and abstracted-admin share a common implementation for most of their API surface you'll find the documentation here: abstracted-admin
FAQs
Client SDK for the Real Time database
The npm package @forest-fire/real-time-client receives a total of 10 weekly downloads. As such, @forest-fire/real-time-client popularity was classified as not popular.
We found that @forest-fire/real-time-client demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Package last updated on 24 May 2020
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Research
Typosquatting Cryptographic Libraries: Malicious npm Packages Threaten Crypto Developers with Keylogging and Wallet Theft
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
By Kirill Boychenko - Nov 27, 2024
Security News
Weekly Downloads Now Available in npm Package Search Results
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
By Sarah Gooding - Nov 26, 2024