Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@betatrain/appstoreconnect
Advanced tools
An App Store Connect API client for Node.js
Unofficial REST API client for Apple's App Store Connect API
appstoreconnect
has been tested to work on Node.js 8.0+. Use with any prior version is unsupported.
npm install appstoreconnect
// Import the API version from the package, which mirror Apple's API versioning
import { v1 } from 'appstoreconnect'
// Read .p8 private key from disk or from environment, and supply the issuer ID and key identifier as outlined here:
// https://developer.apple.com/documentation/appstoreconnectapi/generating_tokens_for_api_requests
const privateKey = '' // replace with the contents of your private key
const issuerId = '' // replace with your issuer ID
const keyId = '' // replace with your key ID
const token = v1.token(privateKey, issuerId, keyId)
// Initialize the service. Passing the token up-front is optional, but should be done before any API calls are made.
const api = v1(token)
// Compare to https://developer.apple.com/documentation/appstoreconnectapi/list_builds
v1
.testflight
.listBuilds(api, {})
.then(builds => console.log(builds))
.catch(err => console.error(err))
All asynchronous functionality in appstoreconnect
is driven using native Promises.
The App Store Connect API requires a JSON Web Token (JWT) for all API requests. appstoreconnect
presents both synchronous and asynchronous interfaces for processing the token. You should feel free to use the one that fits best into your project. Both interfaces can surface errors, so use a try-catch where appropriate.
const token = v1.token(privateKey, issuerId, keyId)
async function myFunc() {
try {
const token = await v1.token(privateKey, issuerId, keyId)
} catch (error) {
throw error
}
}
For more information on how JWT works with the App Store Connect API, check out Apple's authentication guides:
This is an ongoing work-in-progress so I don't have many examples yet. If you have an idea for an example, please feel free to file an issue or a pull request!
A proper API reference for appstoreconnect
is coming soon, but in the meantime, much of the documentation is lifted from Apple's reference notes on the App Store Connect API here.
This code is licensed under the MIT License.
FAQs
An App Store Connect API client for Node.js
The npm package @betatrain/appstoreconnect receives a total of 0 weekly downloads. As such, @betatrain/appstoreconnect popularity was classified as not popular.
We found that @betatrain/appstoreconnect demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.