Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
@aws-sdk/token-providers
Advanced tools
Changelog
3.564.0 (2024-04-26)
Readme
A collection of all token providers. The token providers should be used when the authorization
type is going to be token based. For example, the bearer
authorization type set using
httpBearerAuth trait in Smithy.
import { fromStatic } from "@aws-sdk/token-providers";
const token = { token: "TOKEN" };
const staticTokenProvider = fromStatic(token);
const staticToken = await staticTokenProvider(); // returns { token: "TOKEN" }
import { fromSso } from "@aws-sdk/token-providers";
// returns token from SSO token cache or ssoOidc.createToken() call.
const ssoToken = await fromSso();
import { nodeProvider } from "@aws-sdk/token-providers";
// returns token from default providers.
const token = await nodeProvider();
This package contains a minimal copy of the SSO OIDC client, instead of relying on the full client, which would cause a circular dependency.
When regenerating the bundled version of the SSO OIDC client, run the esbuild.js script and then make the following changes:
CreateTokenCommand
, the client, and this command's
associated Exception
s, it is possible to remove auth dependencies.package.json
of token-providers.FAQs
A collection of token providers
The npm package @aws-sdk/token-providers receives a total of 14,883,978 weekly downloads. As such, @aws-sdk/token-providers popularity was classified as popular.
We found that @aws-sdk/token-providers demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.