
Research
Supply Chain Attack on Axios Pulls Malicious Dependency from npm
A supply chain attack on Axios introduced a malicious dependency, plain-crypto-js@4.2.1, published minutes earlier and absent from the project’s GitHub releases.
@hiveio/hivescript
An open standard for Hive based apps.
Apps - URL format and canonical linking schemes
BadActors - accounts mischiefs or phishing attempts
BadDomains - phishing domains

Install:

yarn add @hiveio/hivescript
On Hive, content is stored on the blockchain, and the same information is accessible through different websites and services built on Hive. Canonical linking to the origin of a post is important for the entire ecosystem to thrive.
Here is an example of how to do it in a few simple lines:
import apps from "@hiveio/hivescript/apps.json";

// Fallback scheme used when the post carries no recognised app identifier.
// `default_domain` is your own frontend's base URL, e.g. "https://hive.blog".
let scheme = `${default_domain}/{category}/@{username}/{permlink}`;

// get app information from the post's json_metadata
// (parse it with JSON.parse first if your API returns it as a string)
const app = post.json_metadata.app;
if (app) {
  // json_metadata.app is normally "<identifier>/<version>"; only the identifier is needed
  const identifier = app.split("/")[0];
  if (apps[identifier]) {
    scheme = apps[identifier].url_scheme;
  }
}

// return proper canonical link for post
const canonicalLink = scheme
  .replace("{category}", post.category)
  .replace("{username}", post.author)
  .replace("{permlink}", post.permlink);
Bad actors: a list of accounts that were mostly created with the intention of taking advantage of user typos. Sometimes a simple misspelling can direct funds to the wrong account; this list contains those reported accounts.
This section could be part of the wallet page in your dApp, where the user enters the account name to transfer funds to.
import badActors from '@hiveio/hivescript/bad-actors.json';

// to_account is the name the user typed into the transfer form
if (badActors.includes(to_account)) {
  console.warn("Use caution sending to this account. Please double check your spelling for possible phishing.");
}
Phishing domains: a list of phishing domains. We recommend that dApp/frontend developers check external link clicks and warn users about potential phishing domains.
This section could be part of content rendering or of the external-link click event listener in your web/mobile/desktop apps.
import badDomains from '@hiveio/hivescript/bad-domains.json';

// capture the host part of a link: optional scheme, optional user@, optional www.
const regex = /^(?:https?:\/\/)?(?:[^@\/\n]+@)?(?:www\.)?([^:\/?\n]+)/;
const match = external_link.match(regex);
// match is null when the input has no host part at all
const host = match ? match[1].toLowerCase() : null;
if (host && badDomains.includes(host)) {
  console.warn("Security alert! Site ahead contains malware / Suspected phishing page.");
}
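As an added example, not code from the hivescript package, the same domain check built on the WHATWG URL API instead of a hand-written regex; it also flags subdomains of a listed domain and is not fooled by a listed domain placed in the userinfo part of a link. BAD_DOMAINS is a constructed sample list standing in for bad-domains.json, and extractHost/isBadDomain are hypothetical helper names.

```javascript
// Constructed sample list; in a real app import bad-domains.json instead.
const BAD_DOMAINS = ["phish.example", "hive-login.example"];

// Return the normalised host of a link, or null when it is not an http(s) URL.
function extractHost(link) {
  let url;
  try {
    // Scheme-less links such as "hive.blog/trending" are treated as https;
    // anything with an explicit scheme is parsed as written.
    url = new URL(/^[a-z][a-z0-9+.-]*:/i.test(link) ? link : `https://${link}`);
  } catch {
    return null; // not parseable as a URL at all
  }
  // javascript:, mailto:, data: and similar are not web destinations to match.
  if (url.protocol !== "http:" && url.protocol !== "https:") return null;
  // The parser has already dropped userinfo ("user@") and the port and
  // lowercased the host; only the "www." prefix is left to strip.
  return url.hostname.replace(/^www\./, "");
}

// True when the host is a listed domain or any subdomain of one.
function isBadDomain(link, list = BAD_DOMAINS) {
  const host = extractHost(link);
  if (host === null) return false;
  return list.some((bad) => host === bad || host.endsWith(`.${bad}`));
}
```

Matching on `host.endsWith("." + bad)` rather than a plain substring test keeps `notphish.example` from matching `phish.example`.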
FAQs
An open standard for Hive based apps.
We found that @hiveio/hivescript demonstrated an unhealthy version release cadence and project activity because the last version was released a year ago. It has 0 open source maintainers collaborating on the project.