Installations
npm install libp2p
Developer Guide
Typescript
Yes
Module System
ESM, UMD
Node Version
22.11.0
NPM Version
10.9.2
Score
89.3
Supply Chain
98.9
Quality
95.1
Maintenance
100
Vulnerability
91.1
License
Releases
upnp-nat: v3.0.3
Published on 13 Dec 2024
config: v1.0.0
Published on 13 Dec 2024
webtransport: v5.0.21
Published on 12 Dec 2024
webrtc: v5.0.22
Published on 12 Dec 2024
circuit-relay-v2: v3.1.6
Published on 12 Dec 2024
mplex: v11.0.16
Published on 12 Dec 2024
Contributors
Languages
TypeScript (99.05%)
JavaScript (0.81%)
Go (0.08%)
Makefile (0.04%)
Dockerfile (0.01%)
Developer
Download Statistics
Total Downloads
3,835,534
Last Day
1,021
Last Week
20,701
Last Month
109,983
Last Year
966,650
GitHub Statistics
2,360 Stars
6,570 Commits
451 Forks
69 Watching
53 Branches
222 Contributors
Package Meta Information
Latest Version
2.4.2
Package Id
libp2p@2.4.2
Unpacked Size
949.62 kB
Size
221.29 kB
File Count
159
NPM Version
10.9.2
Node Version
22.11.0
Published On
12 Dec 2024
Total Downloads
Cumulative downloads: 3,835,534
Period | Downloads | Change |
---|---|---|
Last day | 1,021 | -85.4% compared to previous day |
Last week | 20,701 | -47.5% compared to previous week |
Last month | 109,983 | 43.9% compared to previous month |
Last year | 966,650 | 15.3% compared to previous year |
Dependencies
28
The JavaScript implementation of the libp2p Networking Stack
Background
libp2p is the product of a long and arduous quest to understand the evolution of the Internet networking stack. In order to build P2P applications, devs have long had to make custom ad-hoc solutions to fit their needs, sometimes making some hard assumptions about their runtimes and the state of the network at the time of their development. Today, looking back more than 20 years, we see a clear pattern in the types of mechanisms built around the Internet Protocol, IP, which can be found throughout many layers of the OSI layer system. libp2p distils these mechanisms into flat categories and defines clear interfaces that, once exposed, enable other protocols and applications to use and swap them, enabling upgradability and adaptability for the runtime without breaking the API.
We are in the process of writing better documentation, blog posts, tutorials and a formal specification. Today you can find:
- libp2p.io
- docs.libp2p.io
- Specification (WIP)
- Discussion Forums
- Talks
- Articles
To sum up, libp2p is a "network stack" -- a protocol suite -- that cleanly separates concerns, and enables sophisticated applications to only use the protocols they absolutely need, without giving up interoperability and upgradeability. libp2p grew out of IPFS, but it is built so that lots of people can use it, for lots of different projects.
Roadmap
The js-libp2p roadmap can be found here: https://github.com/libp2p/js-libp2p/blob/main/ROADMAP.md
It represents current projects the js-libp2p maintainers are focused on and provides an estimation of completion targets.
Usage
Configuration
For all the information on how you can configure libp2p see CONFIGURATION.md.
Limits
For help configuring your node to resist malicious network peers, see LIMITS.md.
Getting started
If you are starting your journey with js-libp2p, read the GETTING_STARTED.md guide.
Tutorials and Examples
You can find multiple examples on the examples repo that will guide you through using libp2p for several scenarios.
Development
Clone and install dependencies:
```sh
git clone https://github.com/libp2p/js-libp2p.git
cd js-libp2p
npm install
npm run build
```
Tests
Run unit tests:
```sh
# run all the unit tests
npm test

# run just Node.js tests
npm run test:node

# run just Browser tests (Chrome)
npm run test:chrome
```
Packages
List of packages currently in existence for libp2p
This table is generated using the module `package-table` with `package-table --data=package-list.json`.
Category | Package |
---|---|
libp2p | libp2p |
libp2p | @libp2p/interface |
transports | @libp2p/tcp |
transports | @libp2p/webrtc |
transports | @libp2p/websockets |
transports | @libp2p/webtransport |
secure channels | @chainsafe/libp2p-noise |
secure channels | @libp2p/plaintext |
stream multiplexers | @libp2p/mplex |
stream multiplexers | @chainsafe/libp2p-yamux |
peer discovery | @libp2p/bootstrap |
peer discovery | @libp2p/kad-dht |
peer discovery | @libp2p/mdns |
peer discovery | @chainsafe/discv5 |
content routing | @libp2p/http-v1-content-routing |
content routing | @libp2p/delegated-content-routing |
content routing | @libp2p/kad-dht |
peer routing | @libp2p/delegated-peer-routing |
peer routing | @libp2p/kad-dht |
utilities | @libp2p/crypto |
data types | @libp2p/peer-id |
data types | @libp2p/peer-record |
pubsub | @ChainSafe/libp2p-gossipsub |
pubsub | @libp2p/floodsub |
Used by
And many others...
Contribute
The libp2p implementation in JavaScript is a work in progress. As such, there are a few things you can do right now to help out:
- Go through the modules and check out existing issues. This would be especially useful for modules in active development. Some knowledge of IPFS/libp2p may be required, as well as the infrastructure behind it - for instance, you may need to read up on p2p and more complex operations like muxing to be able to help technically.
- Perform code reviews. Most of this has been developed by @diasdavid, which means that more eyes will help a) speed the project along b) ensure quality and c) reduce possible future bugs.
- Add tests. There can never be enough tests.
API Docs
License
Licensed under either of
- Apache 2.0 (LICENSE-APACHE / http://www.apache.org/licenses/LICENSE-2.0)
- MIT (LICENSE-MIT / http://opensource.org/licenses/MIT)
Contribution
Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.
Stable Version
2.4.2
HIGH
1
7.5/10
Summary
libp2p DoS vulnerability from lack of resource management
Affected Versions
< 0.38.0
Patched Versions
0.38.0
Reason
30 commit(s) and 21 issue activity found in the last 90 days -- score normalized to 10
Reason
security policy file detected
Details
- Info: security policy file detected: SECURITY.md:1
- Info: Found linked content: SECURITY.md:1
- Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1
- Info: Found text in security policy: SECURITY.md:1
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE-APACHE:0
- Info: FSF or OSI recognized license: Apache License 2.0: LICENSE-APACHE:0
Reason
0 existing vulnerabilities detected
Reason
dependency not pinned by hash detected -- score normalized to 2
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/examples.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p/examples.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/examples.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p/examples.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/examples.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p/examples.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/examples.yml:119: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p/examples.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/examples.yml:120: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p/examples.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/examples.yml:123: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p/examples.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p/main.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p/main.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p/main.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p/main.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p/main.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p/main.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p/main.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p/main.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p/main.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:71: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p/main.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:72: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p/main.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:75: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p/main.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:125: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p/main.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:126: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p/main.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:129: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p/main.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:166: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p/main.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:167: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p/main.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:170: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p/main.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:202: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p/main.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:203: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p/main.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:206: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p/main.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:89: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p/main.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:90: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p/main.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:93: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p/main.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:107: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p/main.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:108: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p/main.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:111: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p/main.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:143: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p/main.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:144: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p/main.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:147: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p/main.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:184: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p/main.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:185: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p/main.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:188: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p/main.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:215: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p/main.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:216: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p/main.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:219: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p/main.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:225: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p/main.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:231: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p/main.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:259: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p/main.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:265: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p/main.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:268: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p/main.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:272: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p/main.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:275: update your workflow using https://app.stepsecurity.io/secureworkflow/libp2p/js-libp2p/main.yml/main?enable=pin
- Warn: containerImage not pinned by hash: interop/BrowserDockerfile:1: pin your Docker image by updating mcr.microsoft.com/playwright to mcr.microsoft.com/playwright@sha256:02810c978d5396bf382ab6015c25ad6bed9e39f4a41c5b9c829e9fea439274e2
- Warn: containerImage not pinned by hash: interop/Dockerfile:3: pin your Docker image by updating node:lts to node:lts@sha256:35a5dd72bcac4bce43266408b58a02be6ff0b6098ffa6f5435aeea980a8951d7
- Warn: npmCommand not pinned by hash: interop/BrowserDockerfile:12
- Warn: npmCommand not pinned by hash: interop/Dockerfile:14
- Info: 0 out of 31 GitHub-owned GitHubAction dependencies pinned
- Info: 8 out of 26 third-party GitHubAction dependencies pinned
- Info: 0 out of 2 containerImage dependencies pinned
- Info: 0 out of 2 npmCommand dependencies pinned
Reason
Found 3/29 approved changesets -- score normalized to 1
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: jobLevel 'contents' permission set to 'write': .github/workflows/main.yml:255
- Warn: no topLevel permission defined: .github/workflows/automerge.yml:1
- Warn: no topLevel permission defined: .github/workflows/examples.yml:1
- Warn: no topLevel permission defined: .github/workflows/main.yml:1
- Warn: no topLevel permission defined: .github/workflows/semantic-pull-request.yml:1
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'main'
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 28 are checked with a SAST tool
Score
5.2/10
Last Scanned on 2024-12-16
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.