Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
The JavaScript implementation of the IPLD, InterPlanetary Linked-Data
This project is considered stable, but alpha quality implementation. The IPLD strategy for persistence and integration with IPFS has evolved since this package was created. This package will be deprecated once the new strategy is fully implemented. You can read more about the new strategy in Issue #260
.put(node, format, options)
.putMany(nodes, format, options)
.resolve(cid, path, options)
.get(cid, options)
.getMany(cids, options)
.remove(cid, options)
.removeMany(cids, options)
.tree(cid, [path], [options])
.addFormat(ipldFormatImplementation)
.getFormat(codec)
.removeFormat(codec)
> npm install --save ipld
const Ipld = require('ipld')
const IpfsRepo = require('ipfs-repo')
const IpfsBlockService = require('ipfs-block-service')
const initIpld = async (ipfsRepoPath) => {
const repo = new IpfsRepo(ipfsRepoPath)
await repo.init({})
await repo.open()
const blockService = new IpfsBlockService(repo)
return new Ipld({blockService: blockService})
}
initIpld('/tmp/ipfsrepo2')
.then((ipld) => {
// Do something with the `ipld`, e.g. `ipld.get(…)`
})
.catch((error) => {
console.error(error)
})
The IPLD API works strictly with CIDs and deserialized IPLD Nodes. Interacting with the binary data happens on lower levels. To access the binary data directly, use the Block API.
All methods that return an async iterator return one that got extended with convenience methods:
iter.first()
: Return the first item onlyiter.last()
: Return the last item onlyiter.all()
: Return all items as arrayExample:
const result = ipld.getMany([cid1, cid2])
const node1 = await result.first()
Creates and returns an instance of IPLD.
const ipld = new Ipld(options)
The options
is an object with any of these properties:
options.blockService
Type | Default |
---|---|
ipfs.BlockService instance | Required (no default) |
Example:
const blockService = new IpfsBlockService(repo)
const ipld = new Ipld({blockService: blockService})
options.formats
Type | Default |
---|---|
Array of IPLD Format implementations | [require('ipld-dag-cbor'), require('ipld-dag-pb'), require('ipld-raw')] |
By default only the dag-cbor), dag-pb) and raw) IPLD Formats are supported. Other formats need to be added manually. Here is an example if you want to have support for ipld-git only:
const ipldGit = require('ipld-git')
const ipld = new Ipld({
formats: [ipldGit],
…
})
options.loadFormat(codec)
Type | Default |
---|---|
async Function | null |
Function to dynamically load an IPLD Format. It is passed a codec
, the multicodec code of the IPLD format to load and returns an IPLD Format implementation. For example:
const multicodec = require('multicodec')
const ipld = new Ipld({
async loadFormat (codec) {
if (codec === multicodec.GIT_RAW) {
return require('ipld-git')
} else {
throw new Error('unable to load format ' + multicodec.print[codec])
}
}
})
.put(node, format, options)
Stores the given IPLD Node of a recognized IPLD Format.
node
(Object
): the deserialized IPLD node that should be inserted.format
(multicodec
, required): the multicodec of the format that IPLD Node should be encoded in.options
is an object with the following properties:
hashAlg
(multicodec
, default: hash algorithm of the given multicodec): the hashing algorithm that is used to calculate the CID.cidVersion
(number
, default: 1): the CID version to use.onlyHash
(boolean
, default: false): if true the serialized form of the IPLD Node will not be passed to the underlying block store.signal
(AbortSignal
): a signal that can be used to abort any long-lived operations that are started as a result of this operation.Returns a Promise with the CID of the serialized IPLD Node.
.putMany(nodes, format, options)
Stores the given IPLD Nodes of a recognized IPLD Format.
nodes
(AsyncIterable<Object>
): deserialized IPLD nodes that should be inserted.format
(multicodec
, required): the multicodec of the format that IPLD Node should be encoded in.options
is applied to any of the nodes
and is an object with the following properties:
hashAlg
(multicodec
, default: hash algorithm of the given multicodec): the hashing algorithm that is used to calculate the CID.cidVersion
(number
, default: 1): the CID version to use.onlyHash
(boolean
, default: false): if true the serialized form of the IPLD Node will not be passed to the underlying block store.signal
(AbortSignal
): a signal that can be used to abort any long-lived operations that are started as a result of this operation.Returns an async iterator with the CIDs of the serialized IPLD Nodes. The iterator will throw an exception on the first error that occurs.
.resolve(cid, path, options)
Retrieves IPLD Nodes along the
path
that is rooted atcid
.
cid
(CID
, required): the CID the resolving starts.path
(IPLD Path
, required): the path that should be resolved.options
an optional object that may have the following properties:
signal
(AbortSignal
): a signal that can be used to abort any long-lived operations that are started as a result of this operation.Returns an async iterator of all the IPLD Nodes that were traversed during the path resolving. Every element is an object with these fields:
remainderPath
(string
): the part of the path that wasn’t resolved yet.value
(*
): the value where the resolved path points to. If further traversing is possible, then the value is a CID object linking to another IPLD Node. If it was possible to fully resolve the path, value
is the value the path
points to. So if you need the CID of the IPLD Node you’re currently at, just take the value
of the previously returned IPLD Node..get(cid, options)
Retrieve an IPLD Node.
cid
(CID
): the CID of the IPLD Node that should be retrieved.options
an optional object that may have the following properties:
signal
(AbortSignal
): a signal that can be used to abort any long-lived operations that are started as a result of this operation.Returns a Promise with the IPLD Node that correspond to the given cid
.
Throws an error if the IPLD Node can’t be retrieved.
.getMany(cids, options)
Retrieve several IPLD Nodes at once.
cids
(AsyncIterable<CID>
): the CIDs of the IPLD Nodes that should be retrieved.options
an optional object that may have the following properties:
signal
(AbortSignal
): a signal that can be used to abort any long-lived operations that are started as a result of this operation.Returns an async iterator with the IPLD Nodes that correspond to the given cids
.
Throws an error if a IPLD Node can’t be retrieved.
.remove(cid, options)
Remove an IPLD Node by the given
cid
cid
(CID
): the CIDs of the IPLD Node that should be removed.options
an optional object that may have the following properties:
signal
(AbortSignal
): a signal that can be used to abort any long-lived operations that are started as a result of this operation.Throws an error if the IPLD Node can’t be removed.
.removeMany(cids, options)
Remove IPLD Nodes by the given
cids
cids
(AsyncIterable<CID>
): the CIDs of the IPLD Nodes that should be removed.options
an optional object that may have the following properties:
signal
(AbortSignal
): a signal that can be used to abort any long-lived operations that are started as a result of this operation.Throws an error if any of the Blocks can’t be removed. This operation is not atomic, some Blocks might have already been removed.
.tree(cid, [path], [options])
Returns all the paths that can be resolved into.
cid
(CID
, required): the CID to get the paths from.path
(IPLD Path
, default: ''): the path to start to retrieve the other paths from.options
:
recursive
(bool
, default: false): whether to get the paths recursively or not. false
resolves only the paths of the given CID.signal
(AbortSignal
): a signal that can be used to abort any long-lived operations that are started as a result of this operation.Returns an async iterator of all the paths (as Strings) you could resolve into.
.addFormat(ipldFormatImplementation)
Add support for an IPLD Format
ipldFormatImplementation
(IPLD Format
, required): the implementation of an IPLD Format.Returns the IPLD instance. This way you can chain addFormat()
calls.
.getFormat(codec)
Return the implementation for an IPLD Format
codec
(multicodec
, required): the codec of the IPLD Format to return the implementation from.If the implementation is not present in the current list of resolvers, the loadFormat
function passed as an option to the constructor of this module will be invoked and it's output added to the list of available resolvers.
.removeFormat(codec)
Remove support for an IPLD Format
codec
(multicodec
, required): the codec of the IPLD Format to remove.Returns the IPLD instance. This way you can chain removeFormat()
calls.
defaultOptions
Default options for IPLD.
Listing of dependencies from the IPLD ecosystem.
This table is generated using the module
package-table
withpackage-table --data=package-list.json
.
Package | Version | Deps | CI | Coverage | Lead Maintainer |
---|---|---|---|---|---|
IPLD Formats | |||||
ipld-bitcoin | Volker Mische | ||||
ipld-dag-cbor | Volker Mische | ||||
ipld-dag-pb | Volker Mische | ||||
ipld-ethereum | Volker Mische | ||||
ipld-git | Volker Mische | ||||
ipld-raw | Volker Mische | ||||
ipld-zcash | Volker Mische | ||||
Data Types (non IPLD specific) | |||||
multihashes | David Dias | ||||
ipfs-block | Volker Mische | ||||
Storage | |||||
ipfs-repo | Jacob Heun | ||||
interface-datastore | Pedro Teixeira | ||||
ipfs-block-service | Volker Mische |
Feel free to join in. All welcome. Open an issue!
This repository falls under the IPFS Code of Conduct.
FAQs
The JavaScript Implementation of IPLD
We found that ipld demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.