Security News
The Dark Side of Open Source
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
nft.storage
Advanced tools
Readme
A client library for the https://nft.storage/ service. It provides a convenient interface for working with the Raw HTTP API from a web browser or Node.js and comes bundled with TS for out-of-the box type inference and better IntelliSense.
Install the package using npm
npm install nft.storage
Or yarn
yarn add nft.storage
First, obtain an API token from https://nft.storage and use it in place of API_TOKEN
below:
import { NFTStorage, File } from 'nft.storage'
const client = new NFTStorage({ token: 'API_TOKEN' })
async function main() {
const metadata = await client.store({
name: 'Pinpie',
description: 'Pin is not delicious beef!',
image: new File(
[
/* data */
],
'pinpie.jpg',
{ type: 'image/jpg' }
),
})
console.log(metadata.url)
// ipfs://bafyreib4pff766vhpbxbhjbqqnsh5emeznvujayjj4z2iu533cprgbz23m/metadata.json
}
main()
The client uses ESM modules. If running from Node.js, either name your script index.mjs
or name it index.js
and use npm init
to create a new package.json
file in your project directory, adding "type": "module",
to it.
Run the script:
node index.mjs # or index.js
For more examples please see the API documentation or the examples directory in the project repository, which contains sample projects for both browsers and Node.js.
FAQs
A client library for the https://nft.storage/ service. It provides a convenient interface for working with the HTTP API from a web browser or Node.js
The npm package nft.storage receives a total of 17,147 weekly downloads. As such, nft.storage popularity was classified as popular.
We found that nft.storage demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
Research
Security News
The Socket Research team found this npm package includes code for collecting sensitive developer information, including your operating system username, Git username, and Git email.
Security News
OpenJS is warning of social engineering takeovers targeting open source projects after receiving a credible attempt on the foundation.