![Malicious npm Package Typosquats react-login-page to Deploy Keylogger](https://cdn.sanity.io/images/cgdhsj6q/production/007b21d9cf9e03ae0bb3f577d1bd59b9d715645a-1024x1024.webp?w=400&fit=max&auto=format)
Research
Security News
Malicious npm Package Typosquats react-login-page to Deploy Keylogger
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
@lens-protocol/react
Advanced tools
Readme
@lens-protocol/react
The official Lens Protocol bindings for React applications.
This package enables you to build applications on top of the Lens Protocol using React.
Note
This is a low-level package, if you are building a web application you might want to look into
@lens-protocol/react-web
package.You can use this package to build a React Native app, see the
example/react-native
example in this repo. In the future we are considering to provide a battery-included@lens-protocol/react-native
package for RN apps.
These are some common issues you may run into while using @lens-protocol/react
. If you encounter something not listed here try searching for GitHub issues.
You might see your Next.js failing with an error like this:
Error: Directory import '[...]/node_modules/@apollo/client/link/context' is not supported resolving ES modules imported from [...]/node_modules/@lens-protocol/api-bindings/dist/index.js
Did you mean to import @apollo/client/link/context/context.cjs?
The root cause is the lack of ESM support from Apollo Client which manifests itself when imported as sub-dependency of @lens-protocol/api-bindings
(which in turn is imported by @lens-protocol/react
). See open Apollo Client issue.
To fix it you need to edit you next.config.js
so to make sure the Lens SDK and its sub-dependencies a transpiled by Next.js build pipeline.
const nextConfig = {
transpilePackages: ['@lens-protocol'],
};
For further details on how to integrate Lens SDK with a Next.js app, there is a working Next.js example in this monorepo: https://github.com/lens-protocol/lens-sdk/tree/main/examples/nextjs
FAQs
Unknown package
We found that @lens-protocol/react demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
Security News
The JavaScript community has launched the e18e initiative to improve ecosystem performance by cleaning up dependency trees, speeding up critical parts of the ecosystem, and documenting lighter alternatives to established tools.
Product
Socket now supports four distinct alert actions instead of the previous two, and alert triaging allows users to override the actions taken for all individual alerts.