Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
ipld-dag-pb
Advanced tools
JavaScript Implementation of the IPLD Format MerkleDAG Node in Protobuf. In addition to the IPLD Format methods, this module also provides an API for creating the nodes and manipulating them (adding and removing links, etc).
> npm install ipld-dag-pb --save
const dagPB = require('ipld-dag-pb')
// IPLD Format specifics
dagPB.resolver
dagPB.util
const node1 = new DAGNode(new TextEncoder('utf8').encode('some data'))
// node2 will have the same data as node1
const node2 = new DAGNode('some data')
const link = {
Name: 'I am a link',
Hash: 'QmHash..',
Tsize: 42
}
node.addLink(link)
console.log('with link', node.toJSON())
nodeA.rmLink('I am a link')
console.log('now without link', node.toJSON())
DAGNodes are immutable objects, in order to manipulate them you have to follow a function approach of applying function and getting new instances of the given DAGNode.
You can incude it in your project with:
const dagPB = require('ipld-dag-pb')
const DAGNode = dagPB.DAGNode
data
- type: Uint8Array or Stringlinks
- (optional) type: Array of DAGLink instances or Array of DAGLink instances in its json format (link.toJSON)serializedSize
- (optional) type: Number of bytes the serialized node has. If none is given, it will automatically be calculated.Create a DAGNode.
const dagNode = new DAGNode('data', links)
links can be a single or an array of DAGLinks instances or objects with the following pattern
{
Name: '<some name>',
Hash: '<some cid>',
TSize: <sizeInBytes>
}
You have the following methods and properties available in every DAGNode instance.
node.Data
node.Links
An array of JSON Objects with fields named Hash
, Name
, and Tsize
.
node.size
Size of the node, in bytes
node.toJSON()
node.toString()
node.toDAGLink()
options
- (optional) type: Object. Currently the only option is name
to specify a named link.Converts a DAGNode
into a DAGLink
.
const node = new DAGNode('some data')
const link = node.toDAGLink()
// Named link
const link = node.toDAGLink({ name: 'name-of-the-link' })
node.addLink(link)
link
- type: DAGLink or DAGLink in its json formatCreates a link on node A. Modifies the node.
link
can be:
const link = {
Name: '<some string>', // optional
Tsize: <size in bytes>,
Hash: <cid> // can be a String CID, CID buffer or CID object
}
node.addLink(link)
node.rmLink(nameOrCid)
nameOrCid
- type: String, CID object or CID bufferRemoves a link from the node by name. Modifies the node.
node.rmLink('Link1')
node.serialize()
Serialize the DAGNode instance to its portable binary format. Yields the same result as dagPB.util.serialize(node)
. Returns a Uint8Array
.
Following the same pattern as DAGNode functions
above, DAGLink also offers a function for its creation.
You can incude it in your project with:
const dagPB = require('ipld-dag-pb')
const DAGLink = dagPB.DAGLink
// link is a DAGLink instance
const link = new DAGLink(
'link-to-file', // name of the link (can be empty)
10, // size in bytes
'QmSomeHash...', // can be CID object, CID buffer or string
)
link.Name
link.Tsize
link.Hash
link.toJSON()
link.toString()
See: https://github.com/ipld/interface-ipld-format#local-resolver-methods
dagPB.resolver.resolve
dagPB.resolver.tree
See: https://github.com/ipld/interface-ipld-format#ipld-format-utils
dagPB.util.cid
dagPB.util.serialize
Serialize the DAGNode instance to its portable binary format. Yields the same result as node.serialize()
. Returns a Uint8Array
.
dagPB.util.deserialize
Deserialize a DAGNode instance from its portable binary format. Returns a DAGNode.
Please contribute! Look at the issues!
Check out our contributing document for more information on how we work, and about contributing in general. Please be aware that all interactions related to IPLD are subject to the IPFS Code of Conduct.
Small note: If editing the README, please conform to the standard-readme specification.
ISC © 2016 Protocol Labs Inc.
FAQs
JavaScript Implementation of the MerkleDAG Node in Protobuf.
We found that ipld-dag-pb demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.