Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
conffle-artifactor
Advanced tools
This package saves contract artifacts into JSON files
const Artifactor = require("truffle-conflux-artifactor");
const artifactor = new Artifactor(__dirname);
artifactor.save({/*...*/}); // => a promise saving MyContract.json to a given destination
👏
.json
files, which can then be included in your project with a simple require
.The artifactor can be used with truffle-conflux-contract, which provides features above and beyond web3
:
ES6
and async/await
.from
address or gas
.$ npm install truffle-conflux-artifactor
Here, we'll generate a .json
files given a JSON object like truffle-conflux-contract-schema. This will give us a file which we can later require
into other projects and contexts.
const Artifactor = require("truffle-conflux-artifactor");
const artifactor = new Artifactor(__dirname);
// See truffle-schema for more info: https://github.com/trufflesuite/truffle/tree/develop/packages/truffle-conflux-contract-schema
const contractData = {
contractName: "...", // String; optional.
abi: ..., // Array; required.
metadata: "...", // String; optional.
bytecode: "...", // String; optional.
"x-some-dependency": ... // String, Number, Object, or Array: optional.
};
artifactor.save(contractData);
// The file ./MyContract.json now exists, which you can
// import into your project like any other Javascript file.
artifactor.save(contractData)
Save contract data as a .json
file. Returns a Promise.
contractData
: Object. Data that represents this contract:
{
contractName: "MyContract", // String; optional. Defaults to "Contract".
abi: ..., // Array; required. Application binary interface.
metadata: "...", // String; optional. Contract metadata.
bytecode: "...", // String; optional. Contract-creation binary without resolve library links.
deployedBytecode: "...", // String; optional. On-chain deployed binary without resolve library links.
sourceMap: "...", // String; optional. Source mapping for bytecode.
deployedSourceMap: "...", // String; optional. Source mapping for deployedBytecode.
source: "...", // String; optional. Uncompiled source code for contract.
sourcePath: "...", // String; optional. File path for uncompiled source code.
ast: ..., // Object; optional. JSON representation of contract source code, as output by compiler.
legacyAST: ..., // Object; optional. Legacy JSON representation of contract source code, as output by compiler.
compiler: ..., // Object; optional. Compiler "type" and "properties".
networks: ..., // Object; optional. Mapping of network ID keys to network object values (address information, links to other contract instances, and/or contract event logs).
schemaVersion: "...", // String; optional. Schema version used by contract object representation.
updatedAt: "...", // String; optional. Time contract object representation was generated/most recently updated.
devdoc: "...", // String; optional. Developer documentation.
userdoc: "...", // String; optional. User documentation.
"x-custom-property": ... // String, Number, Object, or Array: optional. Custom property. Keys must be prefixed with "x-".
}
artifactor.saveAll(contracts)
Save many contracts to the filesystem at once. Returns a Promise.
contracts
: Object. Keys are the contract names and the values are contractData
objects, as in the save()
function above:
{
"MyContract": {
"abi": ...,
"bytecode": "..."
}
"AnotherContract": {
// ...
}
}
$ npm test
MIT
FAQs
A contract packager for Ethereum and Javascript
The npm package conffle-artifactor receives a total of 0 weekly downloads. As such, conffle-artifactor popularity was classified as not popular.
We found that conffle-artifactor demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.