Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@spotify-confidence/openfeature-web-provider
Advanced tools
![](https://img.shields.io/badge/lifecycle-beta-a0c3d2.svg)
JavaScript implementation of the Confidence OpenFeature web provider, to be used in conjunction wth the OpenFeature Web SDK. This implements the static paradigm of OpenFeature.
To add the packages to your dependencies run:
yarn add @openfeature/web-sdk @spotify-confidence/openfeature-web-provider
setProvider
makes the Provider launch a network request to initialize the flags. In cases of success the
ProviderEvents.Ready
event will be emitted. In cases of failure of the network request, the ProviderEvent.Error
event will be emitted. The ProviderEvents events will be emitted only when we are done with the network request, either
a successful or a failed network response. If the network response failed, default values will be returned on flag
evaluation, if the network request is successful we update the flags and then emit ProviderEvents.Ready
.
import { createConfidenceWebProvider } from '@spotify-confidence/openfeature-web-provider';
import { OpenFeature } from '@openfeature/web-sdk';
const provider = createConfidenceWebProvider({
clientSecret: 'mysecret',
fetchImplementation: window.fetch.bind(window),
timeout: 1000,
});
OpenFeature.setContext({
targetingKey: 'myTargetingKey',
});
await OpenFeature.setProviderAndWait(provider);
const client = OpenFeature.getClient();
const result = client.getBooleanValue('flagName.my-boolean', false);
Notes:
The region option is used to set the region for the network request to the Confidence backend. When the region is not set, the default (global) region will be used.
The current regions are: eu
and us
, the region can be set as follows:
const provider = createConfidenceWebProvider({
region: 'eu', // or 'us'
// ... other options
});
The timeout option is used to set the timeout for the network request to the Confidence backend. When the timeout is reached, default values will be returned.
See apply concept.
By default, 'access'
apply is used, using a timeout of 250ms.
To use Backend Apply, set the apply option to 'backend'
:
const provider = createConfidenceWebProvider({
...,
apply: 'backend'
});
FAQs
Unknown package
The npm package @spotify-confidence/openfeature-web-provider receives a total of 27 weekly downloads. As such, @spotify-confidence/openfeature-web-provider popularity was classified as not popular.
We found that @spotify-confidence/openfeature-web-provider demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.