Gathering detailed insights and metrics for libp2p
Gathering detailed insights and metrics for libp2p
Gathering detailed insights and metrics for libp2p
Gathering detailed insights and metrics for libp2p
npm install libp2p
Typescript
Module System
Node Version
NPM Version
37.9
Supply Chain
98.9
Quality
96.4
Maintenance
100
Vulnerability
77.6
License
webrtc: v5.0.19
Published on 19 Nov 2024
circuit-relay-v2: v3.1.3
Published on 19 Nov 2024
mplex: v11.0.13
Published on 19 Nov 2024
floodsub: v10.1.11
Published on 19 Nov 2024
perf: v4.0.13
Published on 19 Nov 2024
pnet: v2.0.13
Published on 19 Nov 2024
TypeScript (99.05%)
JavaScript (0.82%)
Go (0.08%)
Makefile (0.04%)
Dockerfile (0.01%)
Total
3,757,553
Last Day
1,231
Last Week
18,931
Last Month
74,446
Last Year
917,979
2,347 Stars
6,555 Commits
445 Forks
71 Watching
51 Branches
221 Contributors
Latest Version
2.3.1
Package Id
libp2p@2.3.1
Unpacked Size
863.27 kB
Size
203.07 kB
File Count
140
NPM Version
10.9.0
Node Version
22.11.0
Publised On
18 Nov 2024
Cumulative downloads
Total Downloads
Last day
-10.5%
1,231
Compared to previous day
Last week
12.4%
18,931
Compared to previous week
Last month
-2%
74,446
Compared to previous month
Last year
8.7%
917,979
Compared to previous year
26
JavaScript implementation of libp2p, a modular peer to peer network stack
Use the createLibp2p
function to create a libp2p node.
1import { createLibp2p } from 'libp2p' 2 3const node = await createLibp2p({ 4 // ...other options 5})
libp2p is the product of a long and arduous quest to understand the evolution of the Internet networking stack. In order to build P2P applications, devs have long had to make custom ad-hoc solutions to fit their needs, sometimes making some hard assumptions about their runtimes and the state of the network at the time of their development. Today, looking back more than 20 years, we see a clear pattern in the types of mechanisms built around the Internet Protocol, IP, which can be found throughout many layers of the OSI layer system, libp2p distils these mechanisms into flat categories and defines clear interfaces that once exposed, enable other protocols and applications to use and swap them, enabling upgradability and adaptability for the runtime, without breaking the API.
We are in the process of writing better documentation, blog posts, tutorials and a formal specification. Today you can find:
To sum up, libp2p is a "network stack" -- a protocol suite -- that cleanly separates concerns, and enables sophisticated applications to only use the protocols they absolutely need, without giving up interoperability and upgradeability. libp2p grew out of IPFS, but it is built so that lots of people can use it, for lots of different projects.
The js-libp2p roadmap can be found here: https://github.com/libp2p/js-libp2p/blob/main/ROADMAP.md
It represents current projects the js-libp2p maintainers are focused on and provides an estimation of completion targets.
For all the information on how you can configure libp2p see CONFIGURATION.md.
For help configuring your node to resist malicious network peers, see LIMITS.md
If you are starting your journey with js-libp2p
, read the GETTING_STARTED.md guide.
You can find multiple examples on the examples repo that will guide you through using libp2p for several scenarios.
Clone and install dependencies:
1> git clone https://github.com/libp2p/js-libp2p.git 2> cd js-libp2p 3> npm install 4> npm run build
1# run all the unit tsts 2> npm test 3 4# run just Node.js tests 5> npm run test:node 6 7# run just Browser tests (Chrome) 8> npm run test:chrome
List of packages currently in existence for libp2p
This table is generated using the module
package-table
withpackage-table --data=package-list.json
.
Package | Version | Deps | CI | Coverage |
---|---|---|---|---|
libp2p | ||||
libp2p | ||||
@libp2p/interface | ||||
transports | ||||
@libp2p/tcp | ||||
@libp2p/webrtc | ||||
@libp2p/websockets | ||||
@libp2p/webtransport | ||||
secure channels | ||||
@chainsafe/libp2p-noise | ||||
@libp2p/plaintext | ||||
stream multiplexers | ||||
@libp2p/mplex | ||||
@chainsafe/libp2p-yamux | ||||
peer discovery | ||||
@libp2p/bootstrap | ||||
@libp2p/kad-dht | ||||
@libp2p/mdns | ||||
@chainsafe/discv5 | ||||
content routing | ||||
@libp2p/http-v1-content-routing | ||||
@libp2p/delegated-content-routing | ||||
@libp2p/kad-dht | ||||
peer routing | ||||
@libp2p/delegated-peer-routing | ||||
@libp2p/kad-dht | ||||
utilities | ||||
@libp2p/crypto | ||||
data types | ||||
@libp2p/peer-id | ||||
@libp2p/peer-record | ||||
pubsub | ||||
@ChainSafe/libp2p-gossipsub | ||||
@libp2p/floodsub |
And many others...
The libp2p implementation in JavaScript is a work in progress. As such, there are a few things you can do right now to help out:
Licensed under either of
Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.
Stable Version
1
7.5/10
Summary
libp2p DoS vulnerability from lack of resource management
Affected Versions
< 0.38.0
Patched Versions
0.38.0
Reason
no dangerous workflow patterns detected
Reason
30 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10
Reason
security policy file detected
Details
Reason
0 existing vulnerabilities detected
Reason
license file detected
Details
Reason
no binaries found in the repo
Reason
dependency not pinned by hash detected -- score normalized to 2
Details
Reason
Found 3/27 approved changesets -- score normalized to 1
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
detected GitHub workflow tokens with excessive permissions
Details
Reason
branch protection not enabled on development/release branches
Details
Reason
project is not fuzzed
Details
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
Score
Last Scanned on 2024-12-02
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More