Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
The web3 npm package is a collection of libraries that allow you to interact with a local or remote Ethereum node, using HTTP, IPC, or WebSocket. It provides functionalities for interacting with smart contracts, sending transactions, and querying blockchain data.
Connecting to an Ethereum Node
This feature allows you to connect to an Ethereum node using an HTTP provider. You can replace the URL with your own node's URL or use a service like Infura.
const Web3 = require('web3');
const web3 = new Web3('https://mainnet.infura.io/v3/YOUR_INFURA_PROJECT_ID');
Interacting with Smart Contracts
This feature allows you to interact with smart contracts deployed on the Ethereum blockchain. You need the contract's ABI and address to create a contract instance and call its methods.
const contractABI = [/* ABI array */];
const contractAddress = '0xYourContractAddress';
const contract = new web3.eth.Contract(contractABI, contractAddress);
contract.methods.yourMethod().call().then(console.log);
Sending Transactions
This feature allows you to send transactions on the Ethereum network. You need the sender's account address and private key to sign and send the transaction.
const account = '0xYourAccountAddress';
const privateKey = 'your_private_key';
const tx = {
to: '0xRecipientAddress',
value: web3.utils.toWei('0.1', 'ether'),
gas: 2000000
};
web3.eth.accounts.signTransaction(tx, privateKey).then(signed => {
web3.eth.sendSignedTransaction(signed.rawTransaction)
.on('receipt', console.log);
});
Querying Blockchain Data
This feature allows you to query data from the blockchain, such as retrieving the latest block information.
web3.eth.getBlock('latest').then(console.log);
The ethers.js library aims to be a complete and compact library for interacting with the Ethereum Blockchain and its ecosystem. It provides similar functionalities to web3, such as connecting to Ethereum nodes, interacting with smart contracts, and sending transactions. Ethers.js is known for its smaller size and better documentation.
Truffle is a development environment, testing framework, and asset pipeline for Ethereum. While it provides some overlapping functionalities with web3, such as interacting with smart contracts, it is more focused on the development and deployment of smart contracts.
Embark is a framework for serverless Decentralized Applications using Ethereum, IPFS, and other platforms. It provides functionalities for smart contract management, decentralized storage, and communication, making it a more comprehensive solution compared to web3.
This is the main package of web3.js, it contains a collection of comprehensive TypeScript libraries for Interaction with the Ethereum JSON RPC API and utility functions.
You can install the package either using NPM or using Yarn
npm install web3
yarn add web3
Script | Description |
---|---|
clean | Uses rimraf to remove dist/ |
build | Uses tsc to build package and dependent packages |
lint | Uses eslint to lint package |
lint:fix | Uses eslint to check and fix any warnings |
format | Uses prettier to format the code |
test | Uses jest to run unit tests |
test:integration | Uses jest to run tests under /test/integration |
test:unit | Uses jest to run tests under /test/unit |
We encourage users to use only required individual packages listed in following table, for making lightweight application instead of importing main web3 package, and if you don't need functions from most of the packages that are implicitly included with main web3 package.
Package | Version | License | Docs | Description |
---|---|---|---|---|
web3 | :rotating_light: Entire Web3.js offering (includes all packages) | |||
web3-core | Core functions for web3.js packages | |||
web3-errors | Errors Objects | |||
web3-eth | Modules to interact with the Ethereum blockchain and smart contracts | |||
web3-eth-abi | Functions for encoding and decoding EVM in/output | |||
web3-eth-accounts | Functions for managing Ethereum accounts and signing | |||
web3-eth-contract | The contract package contained in web3-eth | |||
web3-eth-ens | Functions for interacting with the Ethereum Name Service | |||
web3-eth-iban | Functionality for converting Ethereum addressed to IBAN addressed and vice versa | |||
web3-eth-personal | Module to interact with the Ethereum blockchain accounts stored in the node | |||
web3-net | Functions to interact with an Ethereum node's network properties | |||
web3-providers-http | Web3.js provider for the HTTP protocol | |||
web3-providers-ipc | Web3.js provider for IPC | |||
web3-providers-ws | Web3.js provider for the Websocket protocol | |||
web3-rpc-methods | RPC Methods | |||
web3-types | Shared useable types | |||
web3-utils | Useful utility functions for Dapp developers | |||
web3-validator | Utilities for validating objects |
[4.11.0]
_sendPendingRequests
will catch unhandled errors from _sendToSocket
(#6968)Promise<ResultType>
to Promise<JsonRpcResponseWithResult<ResultType>>
(#7102)populateTransaction
was added to contract methods (#7124)setTransactionMiddleware
and getTransactionMiddleware
for automatically passing to sentTransaction
for deploy
and send
functions (#7138)web3.eth.Contract
will get transaction middleware and use it, if web3.eth
has transaction middleware. (#7138)FAQs
Ethereum JavaScript API
The npm package web3 receives a total of 290,966 weekly downloads. As such, web3 popularity was classified as popular.
We found that web3 demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.