Research
2025 Report: Destructive Malware in Open Source Packages
Destructive malware is rising across open source registries, using delays and kill switches to wipe code, break builds, and disrupt CI/CD.
By Kush Pandya - Dec 24, 2025
orbit-db-eventstore
Advanced tools
orbit-db-eventstore
Append-Only Log database for orbit-db
An append-only log with traversable history. Useful for "latest N" use cases or as a message queue.
Used in orbit-db.
Table of Contents
Install
This project uses npm and nodejs
npm install orbit-db ipfs
Usage
First, create an instance of OrbitDB:
import * as IPFS from 'ipfs'
import OrbitDB from 'orbit-db'
const ipfs = new IPFS()
const orbitdb = await OrbitDB.createInstance(ipfs)
Get a log database and add an entry to it:
const log = await orbitdb.eventlog('haad.posts')
log.add({ name: 'hello world' })
.then(() => {
const items = log.iterator().collect().map(e => e.payload.value)
items.forEach(e => console.log(e.name))
// "hello world"
})
Later, when the database contains data, load the history and query when ready:
const log = await orbitdb.eventlog('haad.posts')
log.events.on('ready', () => {
const items = log.iterator().collect().map(e => e.payload.value)
items.forEach(e => console.log(e.name))
// "hello world"
})
See example/index.html for a detailed example. Note that to run this example, you need to have a local IPFS daemon running at port 5001.
API
See orbit-db's API Documenations for full details.
Contributing
If you think this could be better, please open an issue!
Please note that all interactions in @orbitdb fall under our Code of Conduct.
Note that tests for this module are in the orbit-db repository.
License
MIT © 2016-2020 Protocol Labs Inc., Haja Networks Oy
Keywords
FAQs
Eventlog for orbit-db
The npm package orbit-db-eventstore receives a total of 886 weekly downloads. As such, orbit-db-eventstore popularity was classified as not popular.
We found that orbit-db-eventstore demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Package last updated on 18 Jan 2023
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Engineering with AI Podcast: The Promise of AI-First Development
Socket CTO Ahmad Nassri shares practical AI coding techniques, tools, and team workflows, plus what still feels noisy and why shipping remains human-led.
By Sarah Gooding - Dec 24, 2025
Research
/Security News
Spearphishing Campaign Abuses npm Registry to Target U.S. and Allied Manufacturing and Healthcare Organizations
A five-month operation turned 27 npm packages into durable hosting for browser-run lures that mimic document-sharing portals and Microsoft sign-in, targeting 25 organizations across manufacturing, industrial automation, plastics, and healthcare for credential theft.
By Nicholas Anderson, Kirill Boychenko - Dec 23, 2025