Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@holochain/conductor-api
Advanced tools
Encode/decode messages to/from the Holochain Conductor API over Websocket
A nodejs implementation of the Holochain conductor API.
Holochain's conductor API is under active development. This node module tracks that development fairly closely but sometimes gets behind.
To install from NPM, run
npm install --save-exact @holochain/conductor-api
Note, this code is still under alpha development and npm releases are pre-releases with
dev
tags meaning they will not use full semantic versioning, and you may wish to lock to an exact version of the library for that reason, as shown in the above command.
const admin = await AdminWebsocket.connect(`http://localhost:8000`, TIMEOUT)
await admin.generateAgentPubKey()
const signalCb = (signal: AppSignal) => {
// impl...
resolve()
}
const TIMEOUT = 12000
// default timeout is set to 12000
const client = await AppWebsocket.connect(`http://localhost:${appPort}`, 12000, signalCb)
// default timeout set here (30000) will overwrite the defaultTimeout(12000) set above
await client.callZome({
cap: null,
cell_id,
zome_name: "test_zome",
fn_name: 'test_emitter_fn',
provenance: fakeAgentPubKey('TODO'),
payload: null,
}, 30000)
See docs/API.md
This version of holochain-conductor-api
is currently working with
holochain/holochain
0.0.114 at commit: 43e5a2ca5a7bf59a7b1beff1f54a13af1bf7ac52If updating this code, please make changes to the git rev/sha
above. (You can get this from hn-introspect
after updating the holonix-hash)
You need a version (stable
toolchain) of Rust available.
You need holochain
and hc
on your path, best to get them from nix with nix-shell
To perform the pre-requisite DNA compilation steps, and run the nodejs test, run:
./run-test.sh
Holochain is an open source project. We welcome all sorts of participation and are actively working on increasing surface area to accept it. Please see our contributing guidelines for our general practices and protocols on participating in the community, as well as specific expectations around things like code formatting, testing practices, continuous integration, etc.
Copyright (C) 2020-2021, Holochain Foundation
This program is free software: you can redistribute it and/or modify it under the terms of the license provided in the LICENSE file (CAL-1.0). This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
FAQs
Encode/decode messages to/from the Holochain Conductor API over Websocket
The npm package @holochain/conductor-api receives a total of 10,313 weekly downloads. As such, @holochain/conductor-api popularity was classified as popular.
We found that @holochain/conductor-api demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 13 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.