Security News
RubyGems.org Adds New Maintainer Role
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
web3-provider-engine
Advanced tools
Web3 ProviderEngine is a tool for composing your own [web3 providers](https://github.com/ethereum/wiki/wiki/JavaScript-API#web3).
Web3 ProviderEngine is a tool for composing your own web3 providers.
Status: WIP - expect breaking changes and strange behaviour
Built to be modular - works via a stack of 'sub-providers' which are like normal web3 providers but only handle a subset of rpc methods.
The subproviders can emit new rpc requests in order to handle their own; e.g. eth_call
may trigger eth_getAccountBalance
, eth_getCode
, and others.
The provider engine also handles caching of rpc request results.
const ProviderEngine = require('web3-provider-engine')
const CacheSubprovider = require('web3-provider-engine/subproviders/cache.js')
const StaticSubprovider = require('web3-provider-engine/subproviders/static.js')
const FilterSubprovider = require('web3-provider-engine/subproviders/filters.js')
const VmSubprovider = require('web3-provider-engine/subproviders/vm.js')
const LightWalletSubprovider = require('web3-provider-engine/subproviders/lightwallet.js')
const RpcSubprovider = require('web3-provider-engine/subproviders/rpc.js')
var engine = new ProviderEngine()
var web3 = new Web3(engine)
// cache layer
engine.addProvider(new CacheSubprovider())
// static results
engine.addProvider(new StaticSubprovider({
web3_clientVersion: 'MetaMask-ProviderEngine/v0.0.0/javascript',
net_listening: true,
eth_hashrate: '0x0',
eth_mining: false,
eth_syncing: true,
})
// filters
engine.addProvider(new FilterSubprovider())
// vm
engine.addProvider(new VmSubprovider())
// id mgmt
engine.addProvider(new LightWalletSubprovider())
// data source
engine.addProvider(new RpcSubprovider({
rpcUrl: 'https://testrpc.metamask.io/',
}))
// log new blocks
engine.on('block', function(block){
// lazy hack - move caching and current block to engine
engine.currentBlock = block
console.log('================================')
console.log('BLOCK CHANGED:', '#'+block.number.toString('hex'), '0x'+block.hash.toString('hex'))
console.log('================================')
})
// start polling for blocks
engine.start()
The Ethereum JSON RPC was not designed to have one node service many clients. However a smaller, lighter subset of the JSON RPC can be used to provide the blockchain data that an Ethereum 'zero-client' node would need to function. We handle as many types of requests locally as possible, and just let data lookups fallback to some data source ( hosted rpc, blockchain api, etc ). Categorically, we don’t want / can’t have the following types of RPC calls go to the network:
FAQs
A JavaScript library for composing Ethereum provider objects using middleware modules
The npm package web3-provider-engine receives a total of 26,742 weekly downloads. As such, web3-provider-engine popularity was classified as popular.
We found that web3-provider-engine demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 12 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.
Security News
Research
Socket's threat research team has detected five malicious npm packages targeting Roblox developers, deploying malware to steal credentials and personal data.