Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
@backstage/plugin-bitbucket-cloud-common
Advanced tools
Common functionalities for bitbucket-cloud plugins
Welcome to the common package for bitbucket-cloud plugins!
This common package provides a reusable API client for the Bitbucket Cloud API which can be reused in catalog-backend-module plugins, scaffolder modules, etc.
Using a shared client allows to control all traffic going from Backstage to the Bitbucket Cloud API compared to separate clients or inline API calls.
We may want to leverage this later to add rate limiting, etc.
This command will
This command will download the latest version of the Bitbucket Cloud OpenAPI Specification and apply some mutations to fix bugs or improve the schema for a better code generation output.
yarn refresh-schema
The models used are created based on the local OpenAPI Specification file using a code generator. Some post-cleanup is applied to improve the generated output.
The client itself using the models is not generated.
yarn generate-models
In order to keep the API surface minimal, this command helps to only keep the minimal part of the
generated models by considering all Models
module members directly or transitively used by the
client implementation.
yarn reduce-models
If you want to add a new method to the client implementation which may use a new endpoint or "new" models you can
At this point, you have all models usable for adding a new method using any of them.
If you are ready with your addition to the client, you can reduce the models to the minimal needed.
FAQs
Common functionalities for bitbucket-cloud plugins
The npm package @backstage/plugin-bitbucket-cloud-common receives a total of 37,743 weekly downloads. As such, @backstage/plugin-bitbucket-cloud-common popularity was classified as popular.
We found that @backstage/plugin-bitbucket-cloud-common demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.