Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@shopify/app-bridge
Advanced tools
**[Join our team and work on libraries like this one.](https://www.shopify.ca/careers)**
@shopify/app-bridge
Join our team and work on libraries like this one.
You can use Shopify App Bridge to embed apps and channels directly into the Shopify admin, Shopify Mobile, and Shopify POS. Shopify App Bridge helps to reduce your development time by accessing native Shopify features across different platforms, and makes sure that the user experience is consistent wherever merchants are using your app.
Shopify App Bridge is a replacement for the now deprecated Embedded App SDK.
You can install Shopify App Bridge by using Yarn:
yarn add @shopify/app-bridge
In the following example, you need to store host
during the authentication process and then retrieve it for the code to work properly. To learn more about this process, see Getting and storing the shop origin.
Import the library from the @shopify/app-bridge
package and provide a configuration:
import createApp from '@shopify/app-bridge';
const app = createApp({
apiKey: 'API key from Shopify Partner Dashboard',
host: 'host from URL search parameter',
});
Shopify App Bridge introduces the concept of actions. An action provides a way for applications and hosts to trigger events with a statically-typed payload.
To learn more about the supported actions, see the actions documentation.
Once the app is set up, you can access additional details and the state of the app at
any time by making async call app.getState()
:
app.getState().then((state: any) => {
console.info('App State: %o', state);
});
You can also use a shorthand to retrieve nested properties by passing in a query
when calling getState(query)
, for example:
app.getState('pos.user').then((user: any) => {
console.log('POS User: %o', user);
});
Shopify App Bridge can be extended with hooks, which run when actions are dispatched and updated. Hooks are middleware that can modify or cancel actions.
Shopify App Bridge is shipped with a development build, which provides detailed debugging information during development.
If you're consuming App Bridge from a CDN or using the UMD build, simply include the development version:
umd/index.development.js
instead of umd/index.js
When consumed as JS Modules, development/production build is dynamically selected based on the NODE_ENV
variable. Development build is used when NODE_ENV=development
.
Please note that the development build is not intended for production use, as the file size is significantly larger.
FAQs
**[Join our team and work on libraries like this one.](https://www.shopify.ca/careers)**
We found that @shopify/app-bridge demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 25 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.