Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
firebase
Advanced tools
Firebase JavaScript library for web and Node.js
The firebase npm package is a comprehensive app development platform provided by Google that offers a variety of services such as real-time databases, authentication, cloud storage, hosting, and more. It is designed to help developers build and manage apps more efficiently.
Realtime Database
Firebase Realtime Database allows you to store and sync data between your users in real-time. This is a NoSQL database that lets you build rich, collaborative applications by allowing secure access to the database directly from client-side code.
const { initializeApp } = require('firebase/app');
const { getDatabase, ref, set } = require('firebase/database');
// Initialize Firebase
const app = initializeApp({ /* your config */ });
const database = getDatabase(app);
// Write data to your database
set(ref(database, 'users/1'), {
username: 'example',
email: 'user@example.com'
});
Authentication
Firebase Authentication provides backend services to help authenticate users, including simple sign-in functionality as well as third-party providers like Google, Facebook, and Twitter.
const { initializeApp } = require('firebase/app');
const { getAuth, createUserWithEmailAndPassword } = require('firebase/auth');
// Initialize Firebase
const app = initializeApp({ /* your config */ });
const auth = getAuth(app);
// Create a new user
createUserWithEmailAndPassword(auth, 'user@example.com', 'password')
.then((userCredential) => {
// Signed in
const user = userCredential.user;
// ...
})
.catch((error) => {
// Error handling
const errorCode = error.code;
const errorMessage = error.message;
// ...
});
Cloud Firestore
Cloud Firestore is a flexible, scalable database for mobile, web, and server development. It keeps your data in sync across client apps through real-time listeners and offers offline support.
const { initializeApp } = require('firebase/app');
const { getFirestore, collection, addDoc } = require('firebase/firestore');
// Initialize Firebase
const app = initializeApp({ /* your config */ });
const db = getFirestore(app);
// Add a new document with a generated id
addDoc(collection(db, 'users'), {
first: 'Ada',
last: 'Lovelace',
born: 1815
});
Cloud Storage
Firebase Cloud Storage is built for app developers who need to store and serve user-generated content, such as photos or videos.
const { initializeApp } = require('firebase/app');
const { getStorage, ref, uploadBytes } = require('firebase/storage');
// Initialize Firebase
const app = initializeApp({ /* your config */ });
const storage = getStorage(app);
// Create a storage reference from our storage service
const storageRef = ref(storage, 'some-child');
// Upload file
uploadBytes(storageRef, file).then((snapshot) => {
console.log('Uploaded a blob or file!');
});
Hosting
Firebase Hosting provides fast and secure hosting for your web app, static and dynamic content, and microservices.
const { initializeApp } = require('firebase/app');
const { getAuth } = require('firebase/auth');
const { getFirestore } = require('firebase/firestore');
const { getStorage } = require('firebase/storage');
// Initialize Firebase
// TODO: Replace the following with your app's Firebase project configuration
const firebaseConfig = {
//...
};
const app = initializeApp(firebaseConfig);
// The rest of your web app's Firebase initialization and setup goes here...
// For example, you might set up Firebase Authentication, Firestore, and Storage as shown above.
Parse Server is an open-source version of the Parse backend that can be deployed to any infrastructure that can run Node.js. It offers many of the same features as Firebase, such as a real-time database, file storage, and user authentication. However, being open-source, it provides more flexibility and control over the backend infrastructure.
AWS Amplify is a development platform for building secure, scalable mobile and web applications. It provides a similar range of services as Firebase, including authentication, data storage, and hosting. Amplify is tightly integrated with AWS services, which can be a benefit if you are already using AWS in your stack.
Realm is a mobile database and synchronization platform that can be used for building offline-first, reactive mobile experiences. It offers real-time synchronization and data storage capabilities similar to Firebase's Realtime Database and Firestore. Realm is known for its smooth integration with mobile development and its fast performance on mobile devices.
Version 9 has a redesigned API that supports tree-shaking. Read the Upgrade Guide to learn more.
Firebase provides the tools and infrastructure you need to develop, grow, and earn money from your app. This package supports web (browser), mobile-web, and server (Node.js) clients.
For more information, visit:
This SDK is intended for end-user client access from environments such as the Web, mobile Web (e.g. React Native, Ionic), Node.js desktop (e.g. Electron), or IoT devices running Node.js. If you are instead interested in using a Node.js SDK which grants you admin access from a privileged environment (like a server), you should use the Firebase Admin Node.js SDK.
Install the Firebase NPM module:
$ npm init
$ npm install --save firebase
import { initializeApp } from 'firebase/app';
// TODO: Replace the following with your app's Firebase project configuration
const firebaseConfig = {
//...
};
const app = initializeApp(firebaseConfig);
Firebase services (like Cloud Firestore, Authentication, Realtime Database, Remote Config, and more) are available to import within individual sub-packages.
The example below shows how you could use the Cloud Firestore Lite SDK to retrieve a list of data.
import { initializeApp } from 'firebase/app';
import { getFirestore, collection, getDocs } from 'firebase/firestore/lite';
// Follow this pattern to import other Firebase services
// import { } from 'firebase/<service>';
// TODO: Replace the following with your app's Firebase project configuration
const firebaseConfig = {
//...
};
const app = initializeApp(firebaseConfig);
const db = getFirestore(app);
// Get a list of cities from your database
async function getCities(db) {
const citiesCol = collection(db, 'cities');
const citySnapshot = await getDocs(citiesCol);
const cityList = citySnapshot.docs.map(doc => doc.data());
return cityList;
}
The Firebase Web SDK is designed to work with module bundlers to remove any unused code (tree-shaking). We strongly recommend using this approach for production apps. Tools such as the Angular CLI, Next.js, Vue CLI, or Create React App automatically handle module bundling for libraries installed through npm and imported into your codebase.
See Using module bundlers with Firebase for more information.
You can also load Firebase packages as script modules in browsers that support native ES modules.
<!-- use script module by specifying type="module" -->
<script type="module">
import { initializeApp } from 'https://www.gstatic.com/firebasejs/${FIREBASE_VERSION}/firebase-app.js';
import { getFirestore, collection, getDocs } from 'https://www.gstatic.com/firebasejs/${FIREBASE_VERSION}/firebase-firestore-lite.js';
// Follow this pattern to import other Firebase services
// import {} from "https://www.gstatic.com/firebasejs/${FIREBASE_VERSION}/firebase-analytics.js";
// import {} from "https://www.gstatic.com/firebasejs/${FIREBASE_VERSION}/firebase-app-check.js";
// import {} from "https://www.gstatic.com/firebasejs/${FIREBASE_VERSION}/firebase-auth.js";
// import {} from "https://www.gstatic.com/firebasejs/${FIREBASE_VERSION}/firebase-functions.js";
// import {} from "https://www.gstatic.com/firebasejs/${FIREBASE_VERSION}/firebase-firestore.js";
// import {} from "https://www.gstatic.com/firebasejs/${FIREBASE_VERSION}/firebase-storage.js";
// import {} from "https://www.gstatic.com/firebasejs/${FIREBASE_VERSION}/firebase-performance.js";
// import {} from "https://www.gstatic.com/firebasejs/${FIREBASE_VERSION}/firebase-remote-config.js";
// import {} from "https://www.gstatic.com/firebasejs/${FIREBASE_VERSION}/firebase-messaging.js";
// import {} from "https://www.gstatic.com/firebasejs/${FIREBASE_VERSION}/firebase-database.js";
// TODO: Replace the following with your app's Firebase project configuration
const firebaseConfig = {
//...
};
const app = initializeApp(firebaseConfig);
const db = getFirestore(app);
// Get a list of cities from your database
async function getCities(db) {
const citiesCol = collection(db, 'cities');
const citySnapshot = await getDocs(citiesCol);
const cityList = citySnapshot.docs.map(doc => doc.data());
return cityList;
}
</script>
Note: To get a filled in version of the above code snippet, go to the Firebase console for your app and click on "Add Firebase to your web app".
While you can write entire Firebase applications without any backend code, many developers want to write server applications or command-line utilities using the Node.js JavaScript runtime.
You can use the same npm module to use Firebase in the Node.js runtime (on a server or running from the command line):
$ npm init
$ npm install --save firebase
In your code, you can access Firebase using:
const { initializeApp } = require('firebase/app');
const { getFirestore, collection, getDocs } = require('firebase/firestore');
// ...
If you are using native ES6 module with --experimental-modules flag (or Node 12+) you should do:
import { initializeApp } from 'firebase/app';
import { getFirestore, collection, getDocs } from 'firebase/firestore';
// ...
Please see Environment Support for which packages are available in Node.js.
Version 9 provides a set of compat packages that are API compatible with Version 8. They are intended to be used to make the upgrade to the modular API easier by allowing you to upgrade your app piece by piece. See the Upgrade Guide for more detail.
To access the compat packages, use the subpath compat
like so:
// v9 compat packages are API compatible with v8 code
import firebase from 'firebase/compat/app';
import 'firebase/compat/auth';
import 'firebase/compat/firestore';
The Firebase changelog can be found at firebase.google.com.
Please see Environment Support.
FAQs
Firebase JavaScript library for web and Node.js
The npm package firebase receives a total of 1,365,491 weekly downloads. As such, firebase popularity was classified as popular.
We found that firebase demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.