eth-block-tracker
Advanced tools
Comparing version 1.0.15 to 1.0.16
@@ -303,3 +303,3 @@ 'use strict'; | ||
case 19: | ||
_context5.next = 30; | ||
_context5.next = 31; | ||
break; | ||
@@ -322,3 +322,3 @@ | ||
this._pollForNextBlock(); | ||
_context5.next = 30; | ||
_context5.next = 31; | ||
break; | ||
@@ -328,4 +328,5 @@ | ||
console.error(_context5.t0); | ||
this._pollForNextBlock(); | ||
case 30: | ||
case 31: | ||
case 'end': | ||
@@ -332,0 +333,0 @@ return _context5.stop(); |
{ | ||
"name": "eth-block-tracker", | ||
"version": "1.0.15", | ||
"version": "1.0.16", | ||
"description": "This module walks the Ethereum blockchain, keeping track of the latest block. It uses a web3 provider as a data source and will continuously poll for the next block.", | ||
@@ -26,2 +26,3 @@ "main": "dist/index.js", | ||
"babel-preset-stage-3": "^6.24.1", | ||
"browserify": "^14.3.0", | ||
"json-rpc-engine": "^2.0.0" | ||
@@ -28,0 +29,0 @@ }, |
const test = require('tape') | ||
const RpcBlockTracker = require('../bundle/index') | ||
const RpcBlockTracker = require('../lib/index') | ||
const JsonRpcEngine = require('json-rpc-engine') | ||
@@ -38,3 +38,3 @@ const TestBlockMiddleware = require('./util/testBlockMiddleware') | ||
}) | ||
blockTracker.once('latest', () => { | ||
@@ -47,3 +47,35 @@ t.pass('saw latest block') | ||
blockTracker.start({ fromBlock: '0x01' }) | ||
}) | ||
test('param validity', (t) => { | ||
const engine = new JsonRpcEngine() | ||
const testBlockSource = new TestBlockMiddleware() | ||
testBlockSource.nextBlock() | ||
testBlockSource.nextBlock() | ||
engine.push(testBlockSource.createMiddleware()) | ||
const provider = { | ||
sendAsync: engine.handle.bind(engine), | ||
} | ||
const blockTracker = new RpcBlockTracker({ provider }) | ||
const methodCache = blockTracker._query.getBlockByNumber | ||
const fakeMethod = (blockNumber, fullTxs, cb) => { | ||
t.ok(blockNumber.substr(2).indexOf('0') !== 0, 'no leading zeroes') | ||
methodCache.call(blockTracker._query, blockNumber, fullTxs, cb) | ||
} | ||
blockTracker._query.getBlockByNumber = fakeMethod | ||
blockTracker.once('block', () => { | ||
t.pass('saw 1st block') | ||
blockTracker._query.getBlockByNumber = methodCache | ||
blockTracker.stop() | ||
t.end() | ||
}) | ||
blockTracker.start({ fromBlock: '0x01' }) | ||
}) | ||
const incrementHexNumber = require('../../lib/hexUtils').incrementHexNumber | ||
const formatHex = require('../../lib/hexUtils').formatHex | ||
@@ -20,3 +21,3 @@ module.exports = class TestBlockMiddleware { | ||
} | ||
createMiddleware() { | ||
@@ -38,2 +39,3 @@ return (req, res, next, end) => { | ||
function createBlock(blockParams){ | ||
blockParams.number = formatHex(blockParams.number) | ||
const hash = '0x'+Math.floor(Math.random()*Number.MAX_SAFE_INTEGER).toString(16) | ||
@@ -62,2 +64,2 @@ return Object.assign({ | ||
}, blockParams) | ||
} | ||
} |
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
Uses eval
Supply chain riskPackage uses eval() which is a dangerous function. This prevents the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 2 instances in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 2 instances in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
489918
9
14143
6
5
4