Security News
The Changelog Podcast: Practical Steps to Stay Safe on npm
Learn the essential steps every developer should take to stay secure on npm and reduce exposure to supply chain attacks.
By Sarah Gooding -  Oct 31, 2025
🚀 DAY 5 OF LAUNCH WEEK: Introducing Socket Firewall Enterprise.Learn more →
@trezor/connect-common
Advanced tools
@trezor/connect-common
Collection of assets and utilities used by @trezor/connect* packages.
files
bridge
Data in releases.json are used to determine which version of Bridge to use depending on the user's operating system.
firmware
Binaries of the latest versions of firmware for each Trezor model are included in this package so that they are available to users of Suite desktop app without connecting to the internet. The process of adding new firmwares is described here. Besides the latest versions, T1B1 and T2T1 both require a transitory version for upgrading from old firmware (intermediary firmware trezor-inter-1.10.0.bin for T1B1 and version trezor-2.1.1.bin for T2T1).
There is a releases.json file for each Trezor model which must be updated any time new binaries are added. This file provides data about all available firmware versions and it is used to display them in Suite and to make sure that the correct firmware is downloaded. Read more about releases.json and it's structure here
src
Storage
A utility to remember app permissions given by user.
Publishing
Follow instructions how to publish @trezor package to npm registry.
Keywords
FAQs
Collection of assets and utils used by trezor-connect library.
The npm package @trezor/connect-common receives a total of 138,890 weekly downloads. As such, @trezor/connect-common popularity was classified as popular.
We found that @trezor/connect-common demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 5 open source maintainers collaborating on the project.
Package last updated on 23 Oct 2025
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Security Community Slams MIT-linked Report Claiming AI Powers 80% of Ransomware
Experts push back on new claims about AI-driven ransomware, warning that hype and sponsored research are distorting how the threat is understood.
By Sarah Gooding -  Oct 30, 2025
Security News
Ruby Core Team Assumes Stewardship of RubyGems and Bundler, Former Maintainers Offer to Transfer All Rights to Matz
Ruby's creator Matz assumes control of RubyGems and Bundler repositories while former maintainers agree to step back and transfer all rights to end the dispute.
By Sarah Gooding -  Oct 29, 2025