Gathering detailed insights and metrics for @oceanprotocol/lib
Gathering detailed insights and metrics for @oceanprotocol/lib
Gathering detailed insights and metrics for @oceanprotocol/lib
Gathering detailed insights and metrics for @oceanprotocol/lib
npm install @oceanprotocol/lib
Typescript
Module System
Node Version
NPM Version
TypeScript (99.05%)
Shell (0.61%)
JavaScript (0.34%)
Total Downloads
144,226
Last Day
8
Last Week
196
Last Month
1,341
Last Year
12,655
108 Stars
3,275 Commits
69 Forks
16 Watching
24 Branches
41 Contributors
Latest Version
3.4.5
Package Id
@oceanprotocol/lib@3.4.5
Unpacked Size
2.73 MB
Size
527.84 kB
File Count
161
NPM Version
10.8.2
Node Version
20.18.1
Publised On
19 Dec 2024
Cumulative downloads
Total Downloads
Last day
-27.3%
8
Compared to previous day
Last week
-60.3%
196
Compared to previous week
Last month
-9.7%
1,341
Compared to previous month
Last year
-82.5%
12,655
Compared to previous year
6
1
31
JavaScript library to privately & securely publish, exchange, and consume data.
With ocean.js, you can:
ocean.js is part of the Ocean Protocol toolset.
This is in alpha state. If you run into problems, please open up a new issue.
1npm install @oceanprotocol/lib
The project is authored with TypeScript and compiled with tsc
.
To start compiler in watch mode:
1npm install 2npm start
For linting and auto-formatting you can use from the root of the project:
1# lint all js with eslint 2npm run lint 3 4# auto format all js & css with prettier, taking all configs into account 5npm run format
Test suite for unit & integration tests is setup with Mocha as test runner, and nyc for coverage reporting. A combined coverage report is sent to CodeClimate via the coverage
GitHub Actions job.
Running all tests requires running Ocean Protocol components beforehand with Barge, which also runs a ganache-cli
instance:
1git clone https://github.com/oceanprotocol/barge 2cd barge 3 4./start_ocean.sh --with-provider2 --no-dashboard --with-c2d
You can then proceed to run in another terminal.
Let ocean.js know where to pickup the smart contract addresses, which has been written out by Barge in this location:
export ADDRESS_FILE="${HOME}/.ocean/ocean-contracts/artifacts/address.json"
Build metadata:
npm run build:metadata
Executing linting, type checking, unit, and integration tests with coverage reporting all in one go:
1npm test
You can execute the unit tests individually with:
1npm run test:unit 2# same thing, but with coverage reporting 3npm run test:unit:cover
You can execute the integration tests individually with:
1npm run test:integration 2# same thing, but with coverage reporting 3npm run test:integration:cover
We are currently using the live Oasis Sapphire Test network for the integration tests.
Please export the PRIVATE_KEY
and PRIVATE_KEY_CONSUMER
before running the tests.
1export PRIVATE_KEY='0x<YOUR_PRIVATE_KEY>' 2export PRIVATE_KEY_CONSUMER='0x<YOUR_CONSUMER_PRIVATE_KEY>'
Then, you can execute the tests individually with:
1npm run test:sapphire
Note: On macOS, changes to the
provider
,metadataCache
andsubgraph
URLs are required, as their defaultbarge
IPs can not be accessed due to network constraints on macOS. Instead usehttp://127.0.0.1
for each direct call to the mentioned services, but keep the internalprovider
URL (http://172.15.0.4:8030
) hardcoded inside all DDO'sserviceEndpoint
, and when callingnft.setMetadata()
.
To create a production build, run from the root of the project:
1npm run build
Releases are managed semi-automatically. They are always manually triggered from a developer's machine with release scripts.
From a clean main
branch you can run the release task bumping the version accordingly based on semantic versioning:
1npm run release
The task does the following:
package.json
, package-lock.json
For the GitHub releases steps a GitHub personal access token, exported as GITHUB_TOKEN
is required. Setup
For pre-releases, this is required for the first one like v0.18.0-next.0
:
1./node_modules/.bin/release-it major|minor|patch --preRelease=next
Further releases afterwards can be done with npm run release
again and selecting the appropriate next version, in this case v0.18.0-next.1
and so on.
Copyright ((C)) 2023 Ocean Protocol Foundation
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
30 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10
Reason
no binaries found in the repo
Reason
license file detected
Details
Reason
security policy file detected
Details
Reason
Found 8/13 approved changesets -- score normalized to 6
Reason
dependency not pinned by hash detected -- score normalized to 4
Details
Reason
detected GitHub workflow tokens with excessive permissions
Details
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
project is not fuzzed
Details
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
Reason
22 existing vulnerabilities detected
Details
Score
Last Scanned on 2024-12-16
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More