
Security News
Package Maintainers Call for Improvements to GitHub’s New npm Security Plan
Maintainers back GitHub’s npm security overhaul but raise concerns about CI/CD workflows, enterprise support, and token management.
@setheum.js/evm-subql
Advanced tools
Subquery services that index and query Setheum EVM+ transactions and logs.
Subquery services that index and query Setheum EVM+ transactions and logs.
eth-provider
package if haven't done itrush update
rush build
yarn
yarn build
This includes a Setheum node within Docker.
docker-compose down && docker volume prune # clean docker volume (optional)
docker-compose up # linux users
docker-compose -f macos-docker-compose.yml up # mac users
Make sure to feed some EVM transactions to setheum node, for example we can use these evm examples.
npm i -g @subql/node @subql/query
run an Setheum node locally and listen to port 9944 (in terminal 1), and feed EVM data to it
run a postgres service and listen to port 5432 (in terminal 2)
docker run -it -p 5432:5432 -e POSTGRES_PASSWORD=postgres postgres:12-alpine
export DB_USER=postgres
export DB_PASS=postgres
export DB_DATABASE=postgres
export DB_HOST=localhost
export DB_PORT=5432
yarn index
export DB_USER=postgres
export DB_PASS=postgres
export DB_DATABASE=postgres
export DB_HOST=localhost
export DB_PORT=5432
yarn query
Now we can explorer graphql data at http://localhost:3001/ 🎉🎉
for example we can query
query {
transactionReceipts {
nodes {
id
to
from
transactionHash
transactionIndex
gasUsed
logs {
nodes {
id
}
}
}
}
logs {
nodes {
id,
blockNumber,
blockHash,
transactionIndex,
address,
data,
transactionHash,
receipt {
id
}
}
}
}
setters.js
use rush
to manage, but we use yarn
for this one. Since rush update
will cause tslib import problem, because rush
uses symlink so pacakges point to outside, but subql/node
's NodeVM doesn't allow import from outside.FAQs
Subquery services that index and query Setheum EVM+ transactions and logs.
We found that @setheum.js/evm-subql demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Maintainers back GitHub’s npm security overhaul but raise concerns about CI/CD workflows, enterprise support, and token management.
Product
Socket Firewall is a free tool that blocks malicious packages at install time, giving developers proactive protection against rising supply chain attacks.
Research
Socket uncovers malicious Rust crates impersonating fast_log to steal Solana and Ethereum wallet keys from source code.