Security News
Cloudflare Adds Security.txt Setup Wizard
Cloudflare has launched a setup wizard allowing users to easily create and manage a security.txt file for vulnerability disclosure on their websites.
@digitalbazaar/security-document-loader
Advanced tools
A JSON-LD documentLoader library pre-loaded with core commonly used contexts (suites, VC, DIDs).
A JSON-LD documentLoader library pre-loaded with commonly used security contexts (suites, VC, DIDs).
This is useful for unit tests, in Node.js and the browser.
It includes several core contexts and DID resolvers that you might want when
testing applications involving Verifiable Credentials, did:key
or Veres One
DIDs, as well as Ed25519 signing and verifying.
Note: This library plays a similar role to bedrock-security-context
, but is
intended for not just Bedrock style applications, but also for isomorphic libs,
etc.
Included contexts:
https://www.w3.org/ns/did/v1
DID Core Context v1https://w3id.org/veres-one/v1
Veres One DID Method Context v1https://www.w3.org/2018/credentials/v1
Verifiable Credentials v1https://w3id.org/security/suites/ed25519-2020/v1
Ed25519Signature2020 Crypto Suitehttps://w3id.org/security/suites/x25519-2020/v1
X25519VerificationKey2020 Crypto SuiteIncluded DID Method drivers:
did:key
(via @digitalbazaar/did-method-key
)Other required contexts and did drivers can easily be added (see Usage section below).
TBD
To install via NPM:
npm install --save @digitalbazaar/security-document-loader
To install locally (for development):
git clone https://github.com/digitalbazaar/security-document-loader.git
cd security-document-loader
npm install
The core document loader is easily extensible. For example, to add more contexts:
import {securityLoader} from '@digitalbazaar/security-document-loader';
import secCtx from '@digitalbazaar/security-context';
import webkmsCtx from 'webkms-context';
import zcapCtx from 'zcap-context';
const loader = securityLoader()
loader.addStatic(
secCtx.SECURITY_CONTEXT_V2_URL,
secCtx.contexts.get(secCtx.SECURITY_CONTEXT_V2_URL)
);
loader.addStatic(webkmsCtx.CONTEXT_URL, webkmsCtx.CONTEXT);
loader.addStatic(zcapCtx.CONTEXT_URL, zcapCtx.CONTEXT);
const documentLoader = loader.build();
By default, securityLoader
uses did-io
's CachedResolver as a harness for
multiple DID method drivers, and supports the did-method-key
driver.
To add another did method driver to it:
import {securityLoader} from '@digitalbazaar/security-document-loader';
const loader = securityLoader()
loader.protocolHandlers.get('did').use(didMethodDriver);
See the contribute file!
PRs accepted.
If editing the Readme, please conform to the standard-readme specification.
Commercial support for this library is available upon request from Digital Bazaar: support@digitalbazaar.com
New BSD License (3-clause) © Digital Bazaar
3.0.0 - 2024-08-05
credentials-context
to @digitalbazaar/credentials-context
for VC 2.0 support.jsonld-document-loader@2.2.0
.addDocuments
to simplify context loading.FAQs
A JSON-LD documentLoader library pre-loaded with core commonly used contexts (suites, VC, DIDs).
The npm package @digitalbazaar/security-document-loader receives a total of 254 weekly downloads. As such, @digitalbazaar/security-document-loader popularity was classified as not popular.
We found that @digitalbazaar/security-document-loader demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Cloudflare has launched a setup wizard allowing users to easily create and manage a security.txt file for vulnerability disclosure on their websites.
Security News
The Socket Research team breaks down a malicious npm package targeting the legitimate DOMPurify library. It uses obfuscated code to hide that it is exfiltrating browser and crypto wallet data.
Security News
ENISA’s 2024 report highlights the EU’s top cybersecurity threats, including rising DDoS attacks, ransomware, supply chain vulnerabilities, and weaponized AI.