Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
opensea-js
Advanced tools
JavaScript SDK for the OpenSea marketplace. Let users buy or sell crypto collectibles and other cryptogoods, all on your own site!
A JavaScript library for crypto-native ecommerce: buying, selling, and bidding on any cryptogood. GitHub | npm
This is the JavaScript SDK for OpenSea, the largest marketplace for crypto collectibles. It allows developers to access the official orderbook, filter it, create buy orders (offers), create sell orders (auctions), and fulfill orders to complete trades, programmatically.
For the first time, you can build a cryptocommerce dapp.
You get started by instantiating your own seaport. Then you can create orders off-chain or fulfill orders on-chain, and listen to events (like ApproveAllAssets
or WrapEth
) in the process.
Happy seafaring! ⛵️
In your project, run:
npm install --save opensea-js
Install web3 too if you haven't already.
To get started, create a new OpenSeaJS client, called an OpenSeaPort 🚢, using your Web3 provider:
import * as Web3 from 'web3'
import { OpenSeaPort, Network } from 'opensea-js'
const provider = new Web3.providers.HttpProvider('https://mainnet.infura.io')
const seaport = new OpenSeaPort(provider, {
networkName: Network.Main
})
Then, you can do this to make an offer on an asset:
// An expirationTime of 0 means it will never expire
const offer = await seaport.createBuyOrder({ tokenId, tokenAddress, accountAddress, amountInEth, expirationTime: 0 })
To retrieve a list of offers and auction on an asset, you can use an instance of the OpenSeaAPI
exposed on the client:
import { OrderSide } from 'opensea-js/types'
// Get offers
const { orders, count } = await seaport.api.getOrders({
tokenAddress, tokenId,
side: OrderSide.Buy // == 0
})
// Get page 2 of all auctions
const { orders, count } = await seaport.api.getOrders({
tokenAddress, tokenId,
side: OrderSide.Sell // == 1
}, 2)
Detailed documentation is coming soon on docs.opensea.io.
In the meantime, visit the auto-generated documentation here, or contact the OpenSea devs for help! They're available every day on Discord in the #developers
channel.
Node >= v8.11.2 required.
Before any development, install the required NPM dependencies:
npm install
Then, lint and build the library into the lib
directory:
npm run build
Or run the barebones tests:
npm test
Generate html docs, also available for browsing here:
npm run docsHtml
Or generate markdown docs available for browsing on git repos:
npm run docsMarkdown
Or generate both:
npm run docs
Contributions welcome! Please use GitHub issues for suggestions/concerns - if you prefer to express your intentions in code, feel free to submit a pull request.
FAQs
TypeScript SDK for the OpenSea marketplace helps developers build new experiences using NFTs and our marketplace data
The npm package opensea-js receives a total of 1,485 weekly downloads. As such, opensea-js popularity was classified as popular.
We found that opensea-js demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.