Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
@holochain/client
Advanced tools
A JavaScript client for the Holochain Conductor API (works with browsers as well as Nodejs).
JS client v0.12.x is compatible with Holochain v0.1.x.
JS client v0.16.x are compatible with Holochain v0.2.x.
To install from NPM, run
npm install --save-exact @holochain/client
This code is under beta development and you may wish to lock to an exact version of the library for that reason, as shown in the above command.
import { ActionHash, AdminWebsocket, AppAgentWebsocket, CellType } from "@holochain/client";
const adminWs = await AdminWebsocket.connect("ws://127.0.0.1:65000");
const agent_key = await adminWs.generateAgentPubKey();
const role_name = "role";
const installed_app_id = "test-app";
const appInfo = await adminWs.installApp({
agent_key,
path: "path/to/happ/file",
installed_app_id,
membrane_proofs: {},
});
await adminWs.enableApp({ installed_app_id });
if (!(CellType.Provisioned in appInfo.cell_info[role_name][0])) {
process.exit();
}
const { cell_id } = appInfo.cell_info[role_name][0][CellType.Provisioned];
await adminWs.authorizeSigningCredentials(cell_id);
await adminWs.attachAppInterface({ port: 65001 });
const appAgentWs = await AppAgentWebsocket.connect(
"ws://127.0.0.1:65001",
installed_app_id
);
const zomeCallPayload: CallZomeRequest = {
cell_id,
zome_name: "zome_name",
fn_name: "create_entry",
provenance: agent_key,
payload: "some_content",
};
const response: ActionHash = await appAgentWs.callZome(zomeCallPayload, 30000);
await appAgentWs.appWebsocket.client.close();
await adminWs.client.close();
import { AdminWebsocket, AppWebsocket, CellType } from "@holochain/client";
const adminWs = await AdminWebsocket.connect("ws://127.0.0.1:65000");
const agent_key = await adminWs.generateAgentPubKey();
const installed_app_id = "test-app";
const appInfo = await adminWs.installApp({
agent_key,
path: "path/to/happ/file",
installed_app_id,
membrane_proofs: {},
});
await adminWs.enableApp({ installed_app_id });
if (!(CellType.Provisioned in appInfo.cell_info["role"][0])) {
process.exit();
}
const { cell_id } = appInfo.cell_info["role"][0][CellType.Provisioned];
await adminWs.authorizeSigningCredentials(cell_id);
await adminWs.attachAppInterface({ port: 65001 });
const appWs = await AppWebsocket.connect("ws://127.0.0.1:65001");
let signalCb;
const signalReceived = new Promise<void>((resolve) => {
signalCb = (signal) => {
console.log("signal received", signal);
// act on signal
resolve();
};
});
appWs.on("signal", signalCb);
// trigger an emit_signal
await appWs.callZome({
cell_id,
zome_name: "zome",
fn_name: "emitter",
provenance: agent_key,
payload: null,
});
await signalReceived;
await appWs.client.close();
await adminWs.client.close();
Here is a pattern to manage signing keys for signing zome calls when running pure JavaScript web hApps in a web browser:
const cellIdB64 =
encodeHashToBase64(cell_id[0]) + encodeHashToBase64(cell_id[1]);
// in case the zome call signing credentials are stored locally in the browser
const signingCredentialsJson = localStorage.getItem(cellIdB64);
let signingCredentials: SigningCredentials | null =
signingCredentialsJson && JSON.parse(signingCredentialsJson);
if (!signingCredentials) {
const [keyPair, signingKey] = generateSigningKeyPair();
const capSecret = await admin.grantSigningKey(
cell_id,
{ [GrantedFunctionsType.All]: null },
signingKey
);
signingCredentials = {
capSecret,
keyPair,
signingKey,
};
}
setSigningCredentials(cell_id, signingCredentials);
// possibly store the zome call signing credentials locally in the browser
localStorage.setItem(cellIdB64, JSON.stringify(signingCredentials));
You need a version (stable
toolchain) of Rust available.
You need holochain
and hc
on your path, best to get them from nix with nix-shell
.
To perform the pre-requisite DNA compilation steps, and run the Nodejs test, run:
nix-shell
./run-test.sh
Holochain is an open source project. We welcome all sorts of participation and are actively working on increasing surface area to accept it. Please see our contribution guidelines for our general practices and protocols on participating in the community, as well as specific expectations around things like code formatting, testing practices, continuous integration, etc.
Copyright (C) 2020-2023, Holochain Foundation
This program is free software: you can redistribute it and/or modify it under the terms of the license provided in the LICENSE file (CAL-1.0). This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
FAQs
A JavaScript client for the Holochain Conductor API
The npm package @holochain/client receives a total of 141 weekly downloads. As such, @holochain/client popularity was classified as not popular.
We found that @holochain/client demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.