setwithfriends 正在参加 2021 年度 OSC 中国开源项目评选,请投票支持!
setwithfriends 在 2021 年度 OSC 中国开源项目评选 中已获得 {{ projectVoteCount }} 票,请投票支持!
2021 年度 OSC 中国开源项目评选 正在火热进行中,快来投票支持你喜欢的开源项目!
2021 年度 OSC 中国开源项目评选 >>> 中场回顾
setwithfriends 获得 2021 年度 OSC 中国开源项目评选「最佳人气项目」 !
授权协议 MIT License
开发语言 JavaScript
操作系统 跨平台
软件类型 开源软件
所属分类 云计算Serverless 系统
地区 不详
投 递 者 首席测试
适用人群 未知
收录时间 2021-12-02


Set with Friends


This is the source code for Set with Friends, an online, multiplayer implementation of the real-time card game Set. Your goal is to find triplets of cards that follow a certain pattern as quickly as possible.

Technical Details

This app was built on a serverless stack primarily using the Firebase Realtime Database, along with Firebase Cloud Functions for more complex or sensitive operations. The frontend was built with React, with components from Material UI.

Code for the frontend is written in JavaScript and located in the src/ folder, while serverless functions are written in TypeScript and located in the functions/ folder.

The latest development version of the code is on the main branch. We use GitHub Actions to automate our build and deployment process on Netlify, after a new release is created with version number vA.B.C.


This game is in active development, and we welcome contributions from developers of all backgrounds. I would recommend talking to us on Discord (link above) or submitting an issue if you want to see a new feature added. If you would like to help by contributing code, that's great – we would be happy to set up a time to chat!

To build the site for development:

  • Install Node.js 14 and npm 7.
  • Run npm install -g firebase-tools to globally install the Firebase CLI.
  • Run npm install in the root folder to get dependencies.
  • Run npm install in the functions folder.
  • To start the project, run npm run dev. This runs a script, which is responsible for doing several things concurrently:
    • Build the TypeScript cloud functions in watch mode.
    • Start the Firebase Local Emulator Suite.
    • Start the frontend with React Fast Refresh enabled.

You should also be able to access the Emulator UI at http://localhost:4000, which contains useful information and allows you to inspect/modify the database during development. Changes to client code in src should be immediately visible, as well as changes to code in functions.

Please make all pull requests with new features or bugfixes to the main branch. We are formatting code using Prettier, so you should run npm run format on your code before making a pull request.


As mentioned above, the latest changes to the main branch are deployed automatically to Netlify using the npm run build script. If you try to run this locally, it will not work due to protections on the production database. Instead, you can preview a release build configured to connect to the local emulator suite using the npm run build:dev script.

The other parts of the app (serverless functions, database rules) are deployed to production using GitHub Actions on the main branch. The staging environment gets automatic deploy previews when CI on the main branch passes. It is useful for seeing the latest version of the app and making sure that nothing is broken before releasing to production.


Built by Eric Zhang and Cynthia Du.

All source code is available under the MIT License. We are not affiliated with Set Enterprises, Inc., or the SET® card game.




点击引领话题📣 发布并加入讨论🔥
{{o.pubDate | formatDate}}


{{parseInt(o.replyCount) | bigNumberTransform}}
{{parseInt(o.viewCount) | bigNumberTransform}}
{{o.pubDate | formatDate}}


{{parseInt(o.replyCount) | bigNumberTransform}}
{{parseInt(o.viewCount) | bigNumberTransform}}
Async 安全漏洞
Async是英国Caolan McMahon个人开发者的一个实用模块。用于使用异步 JavaScript。 Async 3.2.1 及之前版本存在安全漏洞,该漏洞源于 mapValues() 方法。攻击者可通过 mapValues() 方法获取权限。
CVE-2021-43138 MPS-2021-34434
2022-08-08 19:28
Moment.js 正则拒绝服务漏洞
Moment.js 是一个 JavaScript 日期库。用于解析、验证、操作和格式化日期。 Moment.js 在处理嵌套 rfc2822 注释内容时正则表达式执行时间不断的指数增大,导致服务不可用。 攻击者可利用该漏洞使目标服务停止响应甚至崩溃。
CVE-2022-31129 MPS-2022-11159
2022-08-08 19:28
Moment.js 路径遍历漏洞
Moment.js 是一个 JavaScript 日期库。用于解析、验证、操作和格式化日期。 Moment.js 的 npm 版本中处理目录遍历序列时对于输入验证不严格导致可以构造特制的 HTTP 请求读取系统上的任意文件。 攻击者可利用该漏洞访问系统敏感文件。
CVE-2022-24785 MPS-2022-3752
2022-08-08 19:28
0 评论
0 收藏