Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@solana/errors
Advanced tools
Throw, identify, and decode Solana JavaScript errors
This package brings together every error message across all Solana JavaScript modules.
When your bundler sets the constant __DEV__
to true
, every error message will be included in the bundle. As such, you will be able to read them in plain language wherever they appear.
[!WARNING] The size of your JavaScript bundle will increase significantly with the inclusion of every error message in development mode. Be sure to build your bundle with
__DEV__
set tofalse
when you go to production.
When your bundler sets the constant __DEV__
to false
, error messages will be stripped from the bundle to save space. Only the error code will appear when an error is encountered. Follow the instructions in the error message to convert the error code back to the human-readable error message.
For instance, to recover the error text for the error with code 123
:
npx @solana/errors decode -- 123
src/codes.ts
.SolanaErrorCode
union in src/codes.ts
.src/context.ts
.src/messages.ts
. Any context values that you defined above will be interpolated into the message wherever you write $key
, where key
is the index of a value in the context (eg. 'Missing a signature for account `$address`'
).@solana/errors
.@solana/errors
in the package from which the error is thrown.When an older client throws an error, we want to make sure that they can always decode the error. If you make any of the changes above, old clients will, by definition, not have received your changes. This could make the errors that they throw impossible to decode going forward.
When you catch a SolanaError
and assert its error code using isSolanaError()
, TypeScript will refine the error's context to the type associated with that error code. You can use that context to render useful error messages, or to make context-aware decisions that help your application to recover from the error.
import {
SOLANA_ERROR__TRANSACTION__MISSING_SIGNATURE,
SOLANA_ERROR__TRANSACTION__FEE_PAYER_SIGNATURE_MISSING,
isSolanaError,
} from '@solana/errors';
import { assertTransactionIsFullySigned, getSignatureFromTransaction } from '@solana/transactions';
try {
const transactionSignature = getSignatureFromTransaction(tx);
assertTransactionIsFullySigned(tx);
/* ... */
} catch (e) {
if (isSolanaError(e, SOLANA_ERROR__TRANSACTION__SIGNATURES_MISSING)) {
displayError(
"We can't send this transaction without signatures for these addresses:\n- %s",
// The type of the `context` object is now refined to contain `addresses`.
e.context.addresses.join('\n- '),
);
return;
} else if (isSolanaError(e, SOLANA_ERROR__TRANSACTION__FEE_PAYER_SIGNATURE_MISSING)) {
if (!tx.feePayer) {
displayError('Choose a fee payer for this transaction before sending it');
} else {
displayError('The fee payer still needs to sign for this transaction');
}
return;
}
throw e;
}
FAQs
Throw, identify, and decode Solana JavaScript errors
We found that @solana/errors demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 14 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.