Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
nft.storage
Advanced tools
A client library for the https://nft.storage/ service. It provides a convenient interface for working with the HTTP API from a web browser or Node.js
A client library for the https://nft.storage/ service. It provides a convenient interface for working with the Raw HTTP API from a web browser or Node.js and comes bundled with TS for out-of-the box type inference and better IntelliSense.
Install the package using npm
npm install nft.storage
Or yarn
yarn add nft.storage
First, obtain an API token from https://nft.storage and use it in place of API_TOKEN
below:
import { NFTStorage, File } from 'nft.storage'
const client = new NFTStorage({ token: 'API_TOKEN' })
async function main() {
const metadata = await client.store({
name: 'Pinpie',
description: 'Pin is not delicious beef!',
image: new File(
[
/* data */
],
'pinpie.jpg',
{ type: 'image/jpg' }
),
})
console.log(metadata.url)
// ipfs://bafyreib4pff766vhpbxbhjbqqnsh5emeznvujayjj4z2iu533cprgbz23m/metadata.json
}
main()
The client uses ESM modules. If running from Node.js, either name your script index.mjs
or name it index.js
and use npm init
to create a new package.json
file in your project directory, adding "type": "module",
to it.
Run the script:
node index.mjs # or index.js
For more examples please see the API documentation or the examples directory in the project repository, which contains sample projects for both browsers and Node.js.
FAQs
A client library for the https://nft.storage/ service. It provides a convenient interface for working with the HTTP API from a web browser or Node.js
We found that nft.storage demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.