
Get and verify a file by CID from an IPFS gateway over http.
$ ipfs-get bafybeidd2gyhagleh47qeg77xqndy2qy3yzn4vkxmk775bg2t5lpuy7pcu/youareanonsense.jpg
📡 Resolving CID from https://ipfs.io/
🎯 bafkreiaqv66m5nd6mwgkk7h5lwqnjzj54s4f7knmnrjhb7ylzqfg2vdo54
📡 Fetching .car file from https://ipfs.io/
🔐 Verified 1/1 block
✅ Wrote youareanonsense.jpg
A thin wrapper over @ipld/car and unix-fs-exporter. It fetches the content by CID over HTTP from the IPFS gateway as a Content-Addressed Archive (CAR), extracts the CIDs and blocks, verifying them as it goes, and writes the files to disk.
In go-ipfs v0.9.0, the /api/v0/dag/export endpoint was added to the public gateway API, allowing us to fetch content as a CAR file.
Before that API was available, folks just did an HTTP GET to /ipfs/ and either trusted the gateway or optimistically tried to re-add the response to a local IPFS node to check that it hashed to the same CID. That approach is error prone: if any non-default flags were used when adding the content, the CID you get when adding locally would not match unless you knew ahead of time to use the same flags.
By using CAR files, the CIDs for the blocks travel with the data, so ipfs-get is able to verify them regardless of how the DAG was created. (It only supports sha256 verification currently, for dag-pb and dag-cbor, but that covers the vast majority of existing DAGs created via IPFS.)
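The per-block check described above, as an added example that is not ipfs-get's own code: it uses only Node's built-in crypto module to parse a base32 CIDv1 and compare the sha2-256 digest it carries with the hash of the block bytes. The function names and the "hello world" sample are constructed for illustration, and the sample is a raw-codec block, since the hash comparison itself does not depend on the codec.

```javascript
const { createHash } = require('node:crypto');
const BASE32 = 'abcdefghijklmnopqrstuvwxyz234567'; // RFC 4648, lower case, unpadded
// Decode a multibase base32 string ("b" prefix) into bytes.
function decodeBase32Multibase(str) {
  if (str[0] !== 'b') throw new Error('only base32 (multibase "b") CIDs are handled');
  const out = [];
  let bits = 0, value = 0;
  for (const ch of str.slice(1)) {
    const idx = BASE32.indexOf(ch);
    if (idx < 0) throw new Error(`invalid base32 character: ${ch}`);
    value = ((value << 5) | idx) & 0xfff; // keep only the bits not yet emitted
    bits += 5;
    if (bits >= 8) { bits -= 8; out.push((value >>> bits) & 0xff); }
  }
  return Buffer.from(out);
}
// Read an unsigned varint at offset; returns [value, nextOffset].
function readVarint(buf, offset) {
  let value = 0;
  for (let shift = 0; offset < buf.length; shift += 7) {
    const byte = buf[offset++];
    value += (byte & 0x7f) * 2 ** shift;
    if (byte < 0x80) return [value, offset];
  }
  throw new Error('truncated varint');
}

// Split a CIDv1 into content codec, multihash code and digest.
function parseCid(cid) {
  const bytes = decodeBase32Multibase(cid);
  let version, codec, hashCode, length, pos = 0;
  [version, pos] = readVarint(bytes, pos);
  [codec, pos] = readVarint(bytes, pos);
  [hashCode, pos] = readVarint(bytes, pos);
  [length, pos] = readVarint(bytes, pos);
  const digest = bytes.subarray(pos);
  if (version !== 1) throw new Error('only CIDv1 is handled');
  if (digest.length !== length) throw new Error('digest length mismatch');
  return { codec, hashCode, digest };
}

// True only if sha2-256(block) equals the digest carried in the CID.
function verifyBlock(cid, block) {
  const { hashCode, digest } = parseCid(cid);
  if (hashCode !== 0x12) throw new Error('unsupported hash: only sha2-256 (0x12)');
  return createHash('sha256').update(block).digest().equals(digest);
}
// Constructed sample: the raw-codec CID of the ASCII bytes "hello world".
const SAMPLE_CID = 'bafkreifzjut3te2nhyekklss27nh3k72ysco7y32koao5eei66wof36n5e';
console.log(verifyBlock(SAMPLE_CID, Buffer.from('hello world')), // intact block
  verifyBlock(SAMPLE_CID, Buffer.from('hello w0rld')));          // altered in transit
```

A block whose bytes were changed by the gateway fails the comparison, which is why the CID that travels with each block in the CAR is enough to detect tampering without re-adding the content locally.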
Install ipfs-get globally with npm i -g ipfs-get, or run it via npx: npx ipfs-get <cid>
# fetch and verify a file by cid from ipfs.io
ipfs-get bafkreigh2akiscaildcqabsyg3dfr6chu3fgpregiymsck7e7aqa4s52zy
# resolve, fetch and verify a dnslink
ipfs-get /ipns/ipfs.io
# try it out with a local gateway (using go-ipfs v0.9.0)
ipfs-get bafkreigh2akiscaildcqabsyg3dfr6chu3fgpregiymsck7e7aqa4s52zy --gateway http://127.0.0.1:5001
# pick the output filename
ipfs-get bafkreigh2akiscaildcqabsyg3dfr6chu3fgpregiymsck7e7aqa4s52zy --output room-guardian.jpg
/api/v0/dag/export. This could fail if the full DAG is unavailable. It's ok.
The npm package ipfs-get receives a total of 6 weekly downloads. As such, ipfs-get popularity was classified as not popular.
We found that ipfs-get demonstrated an unhealthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.