New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
**[Caution]** NPM package currently in public is unknown 0.2.5
version
#234
Comments
I have a this problem |
The version in npm is a legitimate js binding of bls-signatures from before it was modified to be fully IETF BLS compliant. It is totally out of date. We are currently working on getting a new release into npm and should have that complete in the next few days. |
@hoffmang9 ok ,thanks |
@hoffmang9 Hello, Are U sleep? I has a new problem, Do you consider adding mnemonic genration and mnemonic import in the new version? |
@hoffmang9 Current situationjs typings was fixed by my past PR and old test specs are also updated to the latest in #242 What's remaining
|
@hoffmang9 hello ,when can release bls-sign for npm? |
'This issue has been flagged as stale as there has been no activity on it in 14 days. If this issue is still affecting you and in need of review, please update it to keep it open.' |
'This issue was automatically closed because it has been flagged as stale and subsequently passed 7 days with no further activity.' |
This ticket should not be closed. |
Oh god! You haven't forgot this issue! |
'This issue has been flagged as stale as there has been no activity on it in 14 days. If this issue is still affecting you and in need of review, please update it to keep it open.' |
Bump. I still want to contribute to this project, if you allow me. |
'This issue has been flagged as stale as there has been no activity on it in 14 days. If this issue is still affecting you and in need of review, please update it to keep it open.' |
'This issue has been flagged as stale as there has been no activity on it in 14 days. If this issue is still affecting you and in need of review, please update it to keep it open.' |
Don't go stale |
'This issue has been flagged as stale as there has been no activity on it in 14 days. If this issue is still affecting you and in need of review, please update it to keep it open.' |
'This issue has been flagged as stale as there has been no activity on it in 14 days. If this issue is still affecting you and in need of review, please update it to keep it open.' |
'This issue has been flagged as stale as there has been no activity on it in 14 days. If this issue is still affecting you and in need of review, please update it to keep it open.' |
'This issue was automatically closed because it has been flagged as stale and subsequently passed 7 days with no further activity.' |
'This issue was automatically closed because it has been flagged as stale and subsequently passed 7 days with no further activity.' |
'This issue has been flagged as stale as there has been no activity on it in 14 days. If this issue is still affecting you and in need of review, please update it to keep it open.' |
'This issue has been flagged as stale as there has been no activity on it in 14 days. If this issue is still affecting you and in need of review, please update it to keep it open.' |
'This issue has been flagged as stale as there has been no activity on it in 14 days. If this issue is still affecting you and in need of review, please update it to keep it open.' |
'This issue has been flagged as stale as there has been no activity on it in 14 days. If this issue is still affecting you and in need of review, please update it to keep it open.' |
'This issue has been flagged as stale as there has been no activity on it in 14 days. If this issue is still affecting you and in need of review, please update it to keep it open.' |
'This issue has been flagged as stale as there has been no activity on it in 14 days. If this issue is still affecting you and in need of review, please update it to keep it open.' |
And finally addressed by #335 |
The problem
If you install
bls-signatures
vianpm install bls-signature
, you will installbls-signatures
of version 0.2.5,whose source code has not yet been published to this repository.
https://www.npmjs.com/package/bls-signatures
Maybe a developer built and published its private source code into the npm registry.
I cannot say it is untrusted because the one who published the 0.2.5 version of the npm package is one of the original authors.
But in the world of crypto currency, it requires extreme level of
transparency
.The npm package published to the npm registry should be synced to the source code publicly available by this repository.
Note
Anyone who wants to install the latest package including fixed js-typings which is recently committed, please go visit my forked repository.
The text was updated successfully, but these errors were encountered: