Security News
The Risks of Misguided Research in Supply Chain Security
Snyk's use of malicious npm packages for research raises ethical concerns, highlighting risks in public deployment, data exfiltration, and unauthorized testing.
@solana/rpc-subscriptions-spec
Advanced tools
A generic implementation of JSON RPC Subscriptions using proxies
This package contains types that describe the implementation of the JSON RPC Subscriptions API, as well as methods to create one. It can be used standalone, but it is also exported as part of the Solana JavaScript SDK @solana/web3.js@rc
.
This API is designed to be used as follows:
const rpcSubscriptions =
// Step 1 - Create an `RpcSubscriptions` instance. This may be stateful.
createSolanaRpcSubscriptions(mainnet('wss://api.mainnet-beta.solana.com'));
const response = await rpcSubscriptions
// Step 2 - Call supported methods on it to produce `PendingRpcSubscriptionsRequest` objects.
.slotNotifications({ commitment: 'confirmed' })
// Step 3 - Call the `subscribe()` method on those pending requests to trigger them.
.subscribe({ abortSignal: AbortSignal.timeout(10_000) });
// Step 4 - Iterate over the result.
try {
for await (const slotNotification of slotNotifications) {
console.log('Got a slot notification', slotNotification);
}
} catch (e) {
console.error('The subscription closed unexpectedly', e);
} finally {
console.log('We have stopped listening for notifications');
}
RpcSubscriptionsChannel<TOutboundMessage, TInboundMessage>
A channel is a DataPublisher
that you can subscribe to events of type RpcSubscriptionChannelEvents<TInboundMessage>
. Additionally, you can use it to send messages of type TOutboundMessage
back to the remote end by calling the send(message)
method.
RpcSubscriptionsChannelCreator<TOutboundMessage, TInboundMessage>
A channel creator is a function that accepts an AbortSignal
, returns a new RpcSubscriptionsChannel
, and tears down the channel when the abort signal fires.
RpcSubscriptionChannelEvents<TInboundMessage>
Subscription channels publish events on two channel names:
error
: Fires when the channel closes unexpectedlymessage
: Fires on every message received from the remote endexecuteRpcPubSubSubscriptionPlan({ channel, responseTransformer, signal, subscribeRequest, unsubscribeMethodName })
Given a channel, this function executes the particular subscription plan required by the Solana JSON RPC Subscriptions API.
subscribeRequest
on the remote RPCDataPublisher
that publishes notifications related to that subscriptions id, filtering out all othersunsubscribeMethodName
on the remote RPC when the abort signal is fired.FAQs
A generic implementation of JSON RPC Subscriptions using proxies
The npm package @solana/rpc-subscriptions-spec receives a total of 23,336 weekly downloads. As such, @solana/rpc-subscriptions-spec popularity was classified as popular.
We found that @solana/rpc-subscriptions-spec demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 14 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Snyk's use of malicious npm packages for research raises ethical concerns, highlighting risks in public deployment, data exfiltration, and unauthorized testing.
Research
Security News
Socket researchers found several malicious npm packages typosquatting Chalk and Chokidar, targeting Node.js developers with kill switches and data theft.
Security News
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.