Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
onboard-react
Advanced tools
JavaScript library providing a wrapper around Blocknative's Onboard as a React context to easily store and update user's wallet state.
npm install onboard-react
import OnboardProvider from 'onboard-react'
// head to blocknative.com to create a key
const BLOCKNATIVE_KEY = 'blocknative-api-key'
// the network id that your dapp runs on
const NETWORK_ID = 1
// construct the initialisation object to be given to Onboard
// see: https://docs.blocknative.com/onboard#options
const initialisation = {
dappId: BLOCKNATIVE_KEY,
networkId: NETWORK_ID,
}
class App extends Component {
render() {
return (
<OnboardProvider initialisation={initialisation}>
{....}
</OnboardProvider>
)
}
}
The OnboardProvider
then gives its children access to (among others) the useOnboard
hook which returns the Onboard
object.
For detailed documentation on Onboard head to docs.blocknative.com
FAQs
A wrapper context around Blocknative's Onboard
The npm package onboard-react receives a total of 0 weekly downloads. As such, onboard-react popularity was classified as not popular.
We found that onboard-react demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.