Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
6.0.0 (2024-04-02)
revocable
and send
options from credential create command (#1345) (e1beeaf), closes #1342dataStoreORMGetVerifiableCredentialsByClaims
(#1299) (5aa97a2), closes #1285IIdentifier
(#1268) (e94aaf2)to
property.getChainIdForDidEthr
method has been renamed to getChainId
plugin.schema.json
files are now generated as plugin.schema.ts
.IDIDComm.sendDIDCommMessage()
has changed from a string representing the transport ID to an object that may include a returnMessage
property along with a transportId
property.DIDManager
has changed when working with alias
. It is mostly ignoring provider
unless it is used to create new identifiers. AbstractDIDStore
APIs have been adapted and implementations have changed.eth_signTransaction
algorithms may be slightly different as transactions are by default infered as type 1 (EIP1559)@veramo/data-store
to work with your credentials, you will have to recompute them using the @veramo/utils#computeEntryHash
method.FAQs
DID Agent Framework Core Logic & Interfaces.
The npm package daf-core receives a total of 11 weekly downloads. As such, daf-core popularity was classified as not popular.
We found that daf-core demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.