Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@spotify-confidence/openfeature-web-provider
Advanced tools
![](https://img.shields.io/badge/lifecycle-beta-a0c3d2.svg)
JavaScript implementation of the Confidence OpenFeature web provider, to be used in conjunction wth the OpenFeature Web SDK. This implements the static paradigm of OpenFeature.
To add the packages to your dependencies run:
yarn add @openfeature/web-sdk @spotify-confidence/openfeature-web-provider
setProvider
makes the Provider launch a network request to initialize the flags. In cases of success the
ProviderEvents.Ready
event will be emitted. In cases of failure of the network request, the ProviderEvent.Error
event will be emitted. The ProviderEvents events will be emitted only when we are done with the network request, either
a successful or a failed network response. If the network response failed, default values will be returned on flag
evaluation, if the network request is successful we update the flags and then emit ProviderEvents.Ready
.
import { createConfidenceWebProvider } from '@spotify-confidence/openfeature-web-provider';
import { OpenFeature, OpenFeatureAPI } from '@openfeature/web-sdk';
const provider = createConfidenceWebProvider({
clientSecret: 'mysecret',
region: 'eu',
fetchImplementation: window.fetch.bind(window),
});
await OpenFeature.setContext({
targetingKey: 'myTargetingKey',
});
OpenFeature.setProvider(provider);
const client = OpenFeature.getClient();
const result = client.getBooleanValue('flag.my-boolean', false);
Notes:
setContext
while setProvider
is running, you can await setting the context first, or listen to the ProviderEvent.Ready
via a handler on OpenFeaure
.setProvider
and setContext
are running: resolves might return the default value with reason STALE
during such operations.FAQs
Unknown package
The npm package @spotify-confidence/openfeature-web-provider receives a total of 27 weekly downloads. As such, @spotify-confidence/openfeature-web-provider popularity was classified as not popular.
We found that @spotify-confidence/openfeature-web-provider demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.