Product
Rust Support Now in Beta
Socket's Rust support is moving to Beta: all users can scan Cargo projects and generate SBOMs, including Cargo.toml-only crates, with Rust-aware supply chain checks.
By Mikola Lysenko, Trevor Norris - Sep 11, 2025
@gmdaoeth/collections
Advanced tools
collections
An npm package that includes collection and contract info, including ABIs and addresses. A single source of truth across all gmdao projects, reducing manual copy-pasta.
Installing the package
This package is published to npm and can be installed like any other npm package.
yarn add @gmdaoeth/collections@latest
Usage
getContract
const fracturaContract = getContract(ChainID.MAINNET, CollectionID.Factura, provider);
Development
Generating new types
- do
yarn genfrom the root directory
Publishing a new version
Publishing a new version is done as follows:
- branch-off from main
- run
yarn version --new-version [new-version] && git push --follow-tags - CI will recognise the new tag and publish to npm
Build and publish
The publish step is done via a GitHub workflow, collections.publish.yml.
When executing the yarn version command, yarn will do a couple of things. First it will make a commit to modify the
package.json to be equal to the new version you provided, it will then tag the commit with the version. The second
command you instruct, git push --follow-tags will push the new commit and tags to the branch. The workflow has an
on.push.tags trigger, filtered on tags prefixed with collections/v. On a run, the workflow simply does a
yarn publish [new-version] based on the tag version that triggered the run. Note, the version prefix is set in the
.yarnrc file included in this directory.
The publish step will push to the gmdaoeth org npm package, therefore an npmjs token with automation privileges
needs to be added as a secret to the workflow, this is passed as env.NODE_AUTH_TOKEN.
Manually publishing a new package
If needed/you want, you can manually publish a new version of the package, simply by running yarn publish from the
root of the project. For example, you may want to test your branch changes from another repo, so can do something like
yarn publish --new-version 1.0.1-alpha
Note, in order to publish from your machine you will need to have logged-in with npm (use npm adduser and enter your
npm login details). Additionally, your account should be added to the @gmdaoeth team on npmjs.
FAQs
gmdao collections
We found that @gmdaoeth/collections demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Package last updated on 18 Dec 2024
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Product
Announcing Socket Fix 2.0
Socket Fix 2.0 brings targeted CVE remediation, smarter upgrade planning, and broader ecosystem support to help developers get to zero alerts.
By Martin Torp, John-David Dalton, Jeppe Fredsgaard Blaabjerg, Benjamin Barslev, Oskar Haarklou Veileborg - Sep 10, 2025
Security News
Feross on Risky Business Weekly Podcast: npm’s Ongoing Supply Chain Attacks
Socket CEO Feross Aboukhadijeh joins Risky Business Weekly to unpack recent npm phishing attacks, their limited impact, and the risks if attackers get smarter.
By Sarah Gooding - Sep 10, 2025