Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
edge-core-js
Advanced tools
This library implements the Edge login system. It runs inside a client application, and provides zero-knowledge backup for cryptographic keys and other secrets via a familiar password-based login system.
We have documentation at https://developer.airbitz.co/javascript/, but our Flow types are the best, most up-to-date reference for what this library contains.
To quickly get up and running with the UI for account creation, login, and management, use edge-login-ui-web for the web or edge-login-ui-rn for React Native.
Add this library to your project using npm install --save edge-core-js
.
To create an EdgeContext
object, which provides various methods for logging in and creating account, do something like this:
const context = await makeEdgeContext({
apiKey: '...', // Get this from our support team
appId: 'com.your-app',
plugins: {
// Configure currencies, exchange rates, and swap providers you want to use:
'bitcoin': true
}
})
The core uses various plugins to provide its currency, exchange rate, and swap features. These plugins ship separately, and are designed to load in parallel with the core:
import { addEdgeCorePlugins, lockEdgeCorePlugins } from 'edge-core-js'
import exchangePlugins from 'edge-exchange-plugins'
import bitcoinPlugins from 'edge-currency-bitcoin'
import currencyPlugins from 'edge-currency-accountbased'
addEdgeCorePlugins(exchangePlugins)
addEdgeCorePlugins(bitcoinPlugins)
addEdgeCorePlugins(currencyPlugins)
lockEdgeCorePlugins()
If the core seems to hang forever when logging in, you probably forgot to call lockEdgeCorePlugins
.
Please note that edge-core-js uses modern JavaScript syntax features such as async
, so you may need to run the library through Babel if you plan to run it in a browser. Node 10+ supports these features natively.
Edge-core-js directly supports React Native v0.60+ with autolinking. Simply add edge-core-js to your application, and React Native will link the necessary native modules & assets.
To create an EdgeContext
object, you need to mount a component:
<MakeEdgeContext
// Get this from our support team:
apiKey="..."
appId="com.your-app"
// Configure currencies and swap providers you want to use:
plugins={{
'bitcoin': true
}}
pluginUris={[
"edge-currency-plugins.js",
"edge-exchange-plugins.js"
]}
// Called when the core is done loading:
onLoad={edgeContext => {}}
onError={error => {}}
/>
The core itself runs inside a hidden WebView, which this MakeEdgeContext
component mounts & manages.
The core creates a <script>
tag for each source file in the pluginUris
array. For this to work, you need to add these plugin files to your app's native asset bundle, which is located at /android/app/src/main/assets/
on Android. For iOS, drag these files into the "Resources" section of your Xcode project.
To debug the core, run yarn start
inside the edge-core-js project, and then pass a debug={true}
property to the MakeEdgeContext
component. This tells the WebView to load the core from a local development server.
Run yarn
to download dependencies, and then run yarn prepare
to build the library.
Use yarn verify
to run all our code-quality tools. All sources are in the JavaScript Standard Style + Prettier. We check files prior to each commit, so if you have formatting issues, you can run yarn fix
to fix them automatically.
If you use Visual Studio Code, consider installing the ESLint extension. This will give you nice error highlighting as you work, along with quick fixes for formatting issues.
2.20.1 (2024-10-30)
FAQs
Edge account & wallet management library
The npm package edge-core-js receives a total of 234 weekly downloads. As such, edge-core-js popularity was classified as not popular.
We found that edge-core-js demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.