Security News
The Hidden Blast Radius of the Axios Compromise
The Axios compromise shows how time-dependent dependency resolution makes exposure harder to detect and contain.
By Ahmad Nassri - Apr 01, 2026
New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details → →
@hiveio/dhive-node
Advanced tools
dhive
THIS IS A QUICK TSCONFIG REWRITE THAT REMOVES BROWERSIFY SUPPORT TO REDUCE BUNDLED SIZE
Robust hive client library that runs in both node.js and the browser.
Needs test net urls, chain id
note As of version 0.7.0 WebSocket support has been removed. The only transport provided now is HTTP(2). For most users the only change required is to swap wss:// to https:// in the address. If you run your own full node make sure to set the proper CORS headers if you plan to access it from a browser.
Browser compatibility
Installation
Via npm
For node.js or the browser with browserify or webpack.
npm install @hiveio/dhive
From cdn or self-hosted script
Grab dist/dhive.js from git and include in your html:
<script src="@hiveio/dhive.js"></script>
Or from the unpkg cdn:
<script src="https://unpkg.com/@hiveio/dhive@latest/dist/dhive.js"></script>
Make sure to set the version you want when including from the cdn, you can also use dhive@latest but that is not always desirable. See unpkg.com for more information.
Usage
In the browser
<script src="https://unpkg.com/@hiveio/dhive@latest/dist/dhive.js"></script>
<script>
var client = new dhive.Client(["https://api.hive.blog", "https://api.hivekings.com", "https://anyx.io", "https://api.openhive.network"]);
client.database
.getDiscussions("trending", { tag: "writing", limit: 1 })
.then(function(discussions) {
document.body.innerHTML += "<h1>" + discussions[0].title + "</h1>";
document.body.innerHTML += "<h2>by " + discussions[0].author + "</h2>";
document.body.innerHTML +=
'<pre style="white-space: pre-wrap">' + discussions[0].body + "</pre>";
});
</script>
See the demo source for an example on how to setup a livereloading TypeScript pipeline with wintersmith and browserify.
In node.js
With TypeScript:
import { Client } from "@hiveio/dhive";
const client = new Client(["https://api.hive.blog", "https://api.hivekings.com", "https://anyx.io", "https://api.openhive.network"]);
for await (const block of client.blockchain.getBlocks()) {
console.log(`New block, id: ${block.block_id}`);
}
With JavaScript:
var dhive = require("@hiveio/dhive");
var client = new dhive.Client(["https://api.hive.blog", "https://api.hivekings.com", "https://anyx.io", "https://api.openhive.network"]);
var key = dhive.PrivateKey.fromLogin("username", "password", "posting");
client.broadcast
.vote(
{
voter: "username",
author: "almost-digital",
permlink: "dhive-is-the-best",
weight: 10000
},
key
)
.then(
function(result) {
console.log("Included in block: " + result.block_num);
},
function(error) {
console.error(error);
}
);
With ES2016 (node.js 7+):
const { Client } = require("@hiveio/dhive");
const client = new Client(["https://api.hive.blog", "https://api.hivekings.com", "https://anyx.io", "https://api.openhive.network"]);
async function main() {
const props = await client.database.getChainProperties();
console.log(`Maximum blocksize consensus: ${props.maximum_block_size} bytes`);
client.disconnect();
}
main().catch(console.error);
With node.js streams:
var dhive = require("@hiveio/dhive");
var es = require("event-stream"); // npm install event-stream
var util = require("util");
var client = new dhive.Client(["https://api.hive.blog", "https://api.hivekings.com", "https://anyx.io", "https://api.openhive.network"]);
var stream = client.blockchain.getBlockStream();
stream
.pipe(
es.map(function(block, callback) {
callback(null, util.inspect(block, { colors: true, depth: null }) + "\n");
})
)
.pipe(process.stdout);
Bundling
The easiest way to bundle dhive (with browserify, webpack etc.) is to just npm install @hiveio/dhive and require('@hiveio/dhive') which will give you well-tested (see browser compatibility matrix above) pre-bundled code guaranteed to JustWork™. However, that is not always desirable since it will not allow your bundler to de-duplicate any shared dependencies dhive and your app might have.
To allow for deduplication you can require('@hiveio/dhive/lib/index-browser'), or if you plan to provide your own polyfills: require('@hiveio/dhive/lib/index'). See src/index-browser.ts for a list of polyfills expected.
Share and Enjoy!
Keywords
FAQs
Hive blockchain RPC client library
We found that @hiveio/dhive-node demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 7 open source maintainers collaborating on the project.
Package last updated on 26 Jan 2022
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Supply Chain Attack on Axios Pulls Malicious Dependency from npm
A supply chain attack on Axios introduced a malicious dependency, plain-crypto-js@4.2.1, published minutes earlier and absent from the project’s GitHub releases.
By Socket Research Team - Mar 31, 2026
Research
TeamPCP Compromises Telnyx Python SDK to Deliver Credential-Stealing Malware
Malicious versions of the Telnyx Python SDK on PyPI delivered credential-stealing malware via a multi-stage supply chain attack.
By Socket Research Team - Mar 27, 2026