Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
@asymmetrik/fhir-secrets
Advanced tools
Readme
FHIR-Secrets
AWS KMS Secrets retrieval promisified.
yarn add @asymmetrik/fhir-secrets
Depending on where you are running this code, the setup portion may change. If you have a default AWS profile with region and everything else set, you can use the decrypt function as follows:
const secrets = require('@asymmetrik/fhir-secrets');
// This is output when you encrypt a secret with kms
// https://docs.aws.amazon.com/cli/latest/reference/kms/encrypt.html
let CiphertextBlob = 'somefakeblobcontent=';
// Lets assume this blob contains metadata for a plaintext secret with value foobar
secrets
.decrypt({ CiphertextBlob })
.then((secret) => {
console.log(secret);
// logs foobar
})
.catch(console.error);
If you need to configure the setup process with region or other properties in the client class constructor, you can do so and chain the process.
const secrets = require('@asymmetrik/fhir-secrets');
secrets
.configure({ region: 'us-east-2' })
.decrypt({ CiphertextBlob: 'somefakeblobcontent=' })
.then((secret) => doThingsWithSecret())
.catch(console.error);
See fhir-secrets tests for more usage examples.
Configures the service class with any AWS or service class specific configurations.
This takes a single options object. See https://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/KMS.html#constructor-property. It returns this
so you can immediately call decrypt
after configuring it.
Wrapper on kms.decrypt but returns a promise which resolves the plain text of the secret.
This takes a single options object. See https://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/KMS.html#decrypt-property. The only necessary property from this is CiphertextBlob
.
FAQs
AWS KMS Secrets retrieval promisified
The npm package @asymmetrik/fhir-secrets receives a total of 0 weekly downloads. As such, @asymmetrik/fhir-secrets popularity was classified as not popular.
We found that @asymmetrik/fhir-secrets demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 8 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.