Research
2025 Report: Destructive Malware in Open Source Packages
Destructive malware is rising across open source registries, using delays and kill switches to wipe code, break builds, and disrupt CI/CD.
By Kush Pandya - Dec 24, 2025
create-hardhat3-app
Advanced tools
Create Hardhat 3 App
构建npm包
# 1. 登录 npm(首次)
npm login
# 2. 检查配置
npm whoami # 确认登录的账户
npm config list
# 3. 构建项目
npm run build
版本管理
# 更新版本号(自动更新 package.json)
npm version patch # 1.0.0 -> 1.0.1 (bug 修复)
npm version minor # 1.0.0 -> 1.1.0 (新功能)
npm version major # 1.0.0 -> 2.0.0 (破坏性更改)
# 或手动编辑 package.json 中的 version
发布
# 发布到 npm
npm publish
创建新项目
# 使用 npx (推荐)
npx create-hardhat3-app my-project
# 使用 npm
npm create-hardhat3-app my-project
# 使用 yarn
yarn create-hardhat3-app my-project
本地创建
node evm-cli/bin/cli.js test-hardhat-app --package-manager npm
项目创建后
cd my-project
npm run compile # 编译合约
npm test # 运行测试
npm run deploy # 部署合约
生成的项目包含:
合约
Counter.sol- 示例计数器合约Storage.sol- 数据存储示例
测试
Counter.t.sol- Solidity 测试(Foundry 风格)Counter.ts- TypeScript 测试(Mocha + Ethers)
脚本
deploy.ts- 部署脚本utils/helpers.ts- 工具函数
配置
- Hardhat 3 完整配置
- TypeScript 支持
- Hardhat Ignition 集成
- OpenZeppelin 集成
📖 项目结构
my-project/
├── contracts/ # Solidity 合约
│ ├── Counter.sol
│ └── examples/
│ └── Storage.sol
├── test/ # 测试文件
│ ├── Counter.t.sol # Solidity 测试
│ └── Counter.ts # TypeScript 测试
├── scripts/ # 部署和交互脚本
│ ├── deploy.ts
│ └── utils/
├── ignition/ # Hardhat Ignition
│ └── modules/
├── hardhat.config.ts # Hardhat 配置
├── package.json
├── tsconfig.json
└── README.md
FAQs
快速创建 Hardhat 3 项目的 CLI 脚手架工具
The npm package create-hardhat3-app receives a total of 0 weekly downloads. As such, create-hardhat3-app popularity was classified as not popular.
We found that create-hardhat3-app demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 14 Oct 2025
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Engineering with AI Podcast: The Promise of AI-First Development
Socket CTO Ahmad Nassri shares practical AI coding techniques, tools, and team workflows, plus what still feels noisy and why shipping remains human-led.
By Sarah Gooding - Dec 24, 2025
Research
/Security News
Spearphishing Campaign Abuses npm Registry to Target U.S. and Allied Manufacturing and Healthcare Organizations
A five-month operation turned 27 npm packages into durable hosting for browser-run lures that mimic document-sharing portals and Microsoft sign-in, targeting 25 organizations across manufacturing, industrial automation, plastics, and healthcare for credential theft.
By Nicholas Anderson, Kirill Boychenko - Dec 23, 2025