Security News
Another Round of TEA Protocol Spam Floods npm, But It’s Not a Worm
Recent coverage mislabels the latest TEA protocol spam as a worm. Here’s what’s actually happening.
By Philipp Burckhardt - Nov 14, 2025
@nextcloud/password-confirmation
Advanced tools
@nextcloud/password-confirmation
Promise-based password confirmation for Nextcloud.
This library exports a function that displays a password confirmation dialog when called and returns a promise. This makes it easier to integrate with other asynchronous operations.
Versions compatibility
| Nextcloud | @nextcloud/vue | @nextcloud/password-confirmation |
|---|---|---|
| 28.x | 8.x | 5.x |
| 25.x - 27.x | 7.x | 2.x - 4.x |
| < 25.x | - | 1.x |
Installation
npm add @nextcloud/password-confirmation
Usage
import { confirmPassword } from '@nextcloud/password-confirmation'
import '@nextcloud/password-confirmation/style.css' // Required for dialog styles
const foo = async () => {
try {
await confirmPassword()
// Your logic
} catch (error) {
// Your error handling logic
}
}
API Reference
/**
* Check if password confirmation is required according to the last confirmation time.
* Use as a replacement of deprecated `OC.PasswordConfirmation.requiresPasswordConfirmation()`.
* Not needed if `confirmPassword()` can be used, because it checks requirements itself.
*
* @return {boolean} Whether password confirmation is required or was confirmed recently
*/
declare function isPasswordConfirmationRequired(): boolean
/**
* Confirm password if needed.
* Replacement of deprecated `OC.PasswordConfirmation.requirePasswordConfirmation(callback)`
*
* @return {Promise<void>} Promise that resolves when password is confirmed or not needded.
* Rejects if password confirmation was cancelled
* or confirmation is already in process.
*/
declare function confirmPassword(): Promise<void>
Releasing
- Create release branch
- Adjust version using
npm version vx.y.z --no-git-tag-version - Update
CHANGELOG.md - Commit and open PR
- After merge, pull latest main
git tag vx.y.zgit push origin vx.y.znpm ci && npm run build && npm publish
Keywords
FAQs
Password confirmation for Nextcloud
The npm package @nextcloud/password-confirmation receives a total of 3,336 weekly downloads. As such, @nextcloud/password-confirmation popularity was classified as popular.
We found that @nextcloud/password-confirmation demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 9 open source maintainers collaborating on the project.
Package last updated on 17 Dec 2024
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
PyPI Expands Trusted Publishing to GitLab Self-Managed as Adoption Passes 25 Percent
PyPI adds Trusted Publishing support for GitLab Self-Managed as adoption reaches 25% of uploads
By Sarah Gooding - Nov 14, 2025
Research
/Security News
Malicious Chrome Extension Exfiltrates Seed Phrases, Enabling Wallet Takeover
A malicious Chrome extension posing as an Ethereum wallet steals seed phrases by encoding them into Sui transactions, enabling full wallet takeover.
By Kirill Boychenko - Nov 12, 2025