Open source contributions from Fadroma over the past couple months
Fadroma is committed to being a good citizen of the Free and Open Source Software (FOSS) ecosystem — which powers Web 2.0, Web3, and the Internet of Anything.
A big part of a healthy open source strategy involves contributing to upstream repositories. As the communication channels of the CosmWasm ecosystem are somewhat less inclusive than necessary (in no small part due to depending on yikes Telegram), we’ve been testing the waters with a few small-ish PRs direct to GitHub.
On Aug 17, SecretJS, the JS/TS client for Secret Network, the Intel SGX-powered chain with encrypted transactions, gained the following:
scrtlabs/secretjs#155: fix(test): make test.sh portable.
Mac-centric developers might not be affected by this, but the “correct” way to start a shell script is
#!/usr/bin/env bash, not just
#!/bin/bash . This tiny one-line fix enables the test suite of SecretJS to be run on a more varied range of workstations; thus making it one step easier for devs running custom systems to lend a hand to Secret Network maintainer Assaf Morami (you rock, man ????)
scrtlabs/secretjs#156: fix(CVE-2023–36665): upgrade protobufjs to 6.11.4.
Object.assign on input data must now take extra care to sanitize inputs. ????
SecretJS uses Protobuf.js to talk to nodes. We’ve updated SecretJS to use the latest fixed version of Protobuf’s
v6 branch, in order to keep your private keys and mnemonics a little safer. ????
One further pull request to
secretjs awaits to be merged:
scrtlabs/secretjs#154: perf(npm): move sinon to devDependencies
This is a performance upgrade that moves the Sinon testing library into the
devDependencies of SecretJS’s
package.json . This way,
npm install has to download 8MiB less when getting started with
secretjs, amounting to a 15–25% improvement in download size!
We’re eagerly awaiting the upcoming release of SecretJS 1.9.4, which will contain the above improvements.
In the coming weeks, we plan to submit several more proposed improvements to SecretJS:
- Replace the
@scure/bip39, which are actively maintained and natively ESM-compatible.
secretjssource tree, as they are both unmaintained and CJS-only.
importstatements in the compiled code. As untangling them manually is a daunting task, we’ve written an AST rewriting tool to update them in one go.
- Make the contained Protobuf.js bindings directly usable in Node.js. Right now, Node adds an extra
defaultwhen importing the (still CJS-based) Protobuf.js library, which breaks stuff in certain contexts. Fixing this without confusing TypeScript is also fiddly, so we’ve used that same tool again (announcement soon!)
- Permanently resolve a circular import or two. Bundlers sometimes resolve those at build time, but in the case of direct TS->ESM compilation they remain problematic. (We tried two circular dependency checkers from NPM and neither caught them, so had to fish them out manually.)
From Jul 23 to Sep 8, we collaborated with OKP4 Network, an innovative French blockchain that brings Prolog-based Governance-as-a-Service to the CosmWasm space, to improve their documentation:
okp4/docs#276: Docs: Replace broken, sprawling
jsonschema2mdoutput with 3 compact guides generated by Fadroma
okp4/contracts#342: chore: update @fadroma/schema to 1.1.0
(Now, that title is quite a mouthful, isn’t it. Striking a balance between brevity and accuracy is one of the main challenges in effective tech communication.)
In short: we replaced “one page per field” with “one page per contract”.
Rather than wading through the output of
jsonschema2md (a barely maintained Adobe tool which had generated many difficult to navigate pages that contained a ton of
Undefined identifiers), you can now get all the info for talking to their contracts in one place — thanks to a brand new addition to the Fadroma toolkit,
You can now browse the updated docs at https://docs.okp4.network/contracts. Thanks to the OKP4 team for keeping the link to
@fadroma/schema in the generated pages! ❤️
In the pipeline
On the OKP4 side, our bindings to OKP4 contracts are looking good. The desire to bring them to all platforms and developers made us base them on an ESM-compatible fork of CosmJS Stargate — which will also become a source of pull requests in the near future, enabling a wider variety of dev tooling to be used when building CosmWasm client applications.
Expect a tutorial for using OKP4 from Fadroma soon!
As Secret Network documentation work seems to be experiencing a lack of resources, we invite projects using Secret Network to send us their contract addresses and APIs, so we can add support for them to
@fadroma/scr — and publish a new index of Secret Network apps and contracts, alongside an easy way to use them all. ????
Do you know any nitpicks, papercuts, and other specific improvements you would like to see in CosmWasm dev tooling? Let us know in the comments — or at
Until next time! ????