@toruslabs/torus.js - npm Package Compare versions

Comparing version 2.1.5 to 2.1.6

package.json

 {
   "name": "@toruslabs/torus.js",
-  "version": "2.1.5",
+  "version": "2.1.6",
   "description": "Handle communication with torus nodes",
@@ -54,2 +54,3 @@ "main": "dist/torusUtils.cjs.js",
     "lint-staged": "^10.2.9",
+    "node-fetch": "^2.6.0",
     "parallel-webpack": "^2.6.0",
@@ -56,0 +57,0 @@ "prettier": "^2.0.5",

README.md

@@ -31,3 +31,3 @@ # Torus.js
 
-This module is distributed in 3 formats
+This module is distributed in 4 formats
 
@@ -37,5 +37,6 @@ - `commonjs` build `dist/torusUtils.cjs.js` in es5 format
 - `umd` build `dist/torusUtils.polyfill.umd.min.js` in es5 format with polyfilling corejs minified
+- `nodejs` build `dist/torusUtils-node.js` in es5 format
 
 By default, the appropriate format is used for your specified usecase
-You can use a different format (if you know what you're doing) by referencing the correct file
+You can use a different format (if you know what you're doing eg. node) by referencing the correct file
 
@@ -108,2 +109,19 @@ The cjs build is not polyfilled with core-js.
 
+```js
+// For Node.js
+const FetchNodeDetails = require("@toruslabs/fetch-node-details/dist/fetchNodeDetails-node.js");
+const TorusUtils = require('@toruslabs/torus.js/dist/torusUtils-node.js')
+
+const fetchNodeDetails = new FetchNodeDetails()
+const torus = new TorusUtils()
+const verifier = 'google' // any verifier
+const verifierId = 'hello@tor.us' // any verifier id
+fetchNodeDetails
+  .getNodeDetails()
+  .then(({ torusNodeEndpoints, torusNodePub }) => torus.getPublicAddress(torusNodeEndpoints, torusNodePub, { verifier, verifierId }))
+  .then((publicAddress) => console.log(publicAddress))
+
+```
+
+
 ## Requirements
@@ -110,0 +128,0 @@

New alerts

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Network access

Supply chain risk

This module accesses the network.

Found 2 instances in 1 package

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 4 instances in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

2230297

increased by45.75%

Number of package files

8

increased by14.29%

Lines of code

26580

increased by365.25%

Number of lines in readme file

128

increased by16.36%

Worsened metrics

Dev dependency count

29

increased by3.57%

Number of low supply chain risk alerts

14

increased by180%

Number of medium supply chain risk alerts

21

increased by250%

No dependency changes