Research
2025 Report: Destructive Malware in Open Source Packages
Destructive malware is rising across open source registries, using delays and kill switches to wipe code, break builds, and disrupt CI/CD.
By Kush Pandya - Dec 24, 2025
@firebase/auth
Advanced tools
- Version
- 0.3.4-canary.df183a5
- Version published
- Weekly downloads
- 2.7M -4.65%
- Maintainers
- 3
Weekly downloads
- Created
@firebase/auth
This is the authentication component for the Firebase JS SDK. It has a peer
dependency on the @firebase/app package on NPM. This package
is included by default in the firebase wrapper
package.
Table of Contents
Developer Setup
Dependencies
To set up a development environment to build Firebase-auth from source, you must have the following installed:
- Node.js (>= 6.0.0)
- npm (should be included with Node.js)
- Java Runtime Environment
In order to run the tests, you must also have:
- Python (2.7)
Download the Firebase source and its dependencies with:
git clone https://github.com/firebase/firebase-js-sdk.git
cd firebase-js-sdk
yarn install
Building Firebase-auth
To build the library, run:
cd packages/auth
yarn build
This will create output files in the dist/ folder.
Running unit tests.
All unit tests can be run on the command line (via Chrome and Firefox) with:
yarn test
Alternatively, the unit tests can be run manually by running
yarn run serve
Then, all unit tests can be run at: http://localhost:4000/buildtools/all_tests.html
You can also run tests individually by accessing each HTML file under
generated/tests, for example: http://localhost:4000/generated/tests/test/auth_test.html
Run tests using SauceLabs
You need a SauceLabs account to run tests on SauceLabs.
Go to your SauceLab account, under "My Account", and copy paste the access key. Now export the following variables, in two Terminal windows:
export SAUCE_USERNAME=<your username>
export SAUCE_ACCESS_KEY=<the copy pasted access key>
Then, in one Terminal window, start SauceConnect:
./buildtools/sauce_connect.sh
Take note of the "Tunnel Identifier" value logged in the terminal, at the top. In the other terminal that has the exported variables, run the tests:
yarn test -- --saucelabs --tunnelIdentifier=<the tunnel identifier>
Other packages similar to @firebase/auth
passport
Passport is an authentication middleware for Node.js. Unlike @firebase/auth which is tightly integrated with Firebase services, Passport works with any type of application and supports extensive authentication mechanisms through strategies.
auth0
Auth0 is a flexible, drop-in solution to add authentication and authorization services to your applications. It provides a broader set of features compared to @firebase/auth, including advanced user management, multi-factor authentication, and extensive integration options.
FAQs
The Firebase Authenticaton component of the Firebase JS SDK.
The npm package @firebase/auth receives a total of 2,484,710 weekly downloads. As such, @firebase/auth popularity was classified as popular.
We found that @firebase/auth demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Package last updated on 15 Mar 2018
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Engineering with AI Podcast: The Promise of AI-First Development
Socket CTO Ahmad Nassri shares practical AI coding techniques, tools, and team workflows, plus what still feels noisy and why shipping remains human-led.
By Sarah Gooding - Dec 24, 2025
Research
/Security News
Spearphishing Campaign Abuses npm Registry to Target U.S. and Allied Manufacturing and Healthcare Organizations
A five-month operation turned 27 npm packages into durable hosting for browser-run lures that mimic document-sharing portals and Microsoft sign-in, targeting 25 organizations across manufacturing, industrial automation, plastics, and healthcare for credential theft.
By Nicholas Anderson, Kirill Boychenko - Dec 23, 2025