
Security News
Follow-up and Clarification on Recent Malicious Ruby Gems Campaign
A clarification on our recent research investigating 60 malicious Ruby gems.
@parse/fs-files-adapter
Advanced tools
Supply Chain Security
Vulnerability
Quality
Maintenance
License
The Parse Server File System Storage Adapter.
npm install --save @parse/fs-files-adapter
{
"appId": 'my_app_id',
"masterKey": 'my_master_key',
// other options
// ...
"filesAdapter": {
"module": "@parse/fs-files-adapter",
"options": {
"filesSubDirectory": "my/files/folder", // Optional, defaults to `./files`
"encryptionKey": "someKey" // Optional, but mandatory if you want to encrypt files
}
}
}
var FSFilesAdapter = require('@parse/fs-files-adapter');
var fsAdapter = new FSFilesAdapter({
"filesSubDirectory": "my/files/folder", // optional, defaults to ./files
"encryptionKey": "someKey" //optional, but mandatory if you want to encrypt files
});
var api = new ParseServer({
appId: 'my_app',
masterKey: 'master_key',
filesAdapter: fsAdapter
})
Periodically you may want to rotate your encryptionKey for security reasons. When this is the case, you can start up a development parse-server that has the same configuration as your production server. In the development server, initialize the file adapter with the new key and use the examples below.
Note that the examples below to rotate keys are are not optimized for performance. Is it therefore not recommended to rotate a large number of files using the code below in a production environment; instead use dedicated resources for that.
var FSFilesAdapter = require('@parse/fs-files-adapter');
var fsAdapter = new FSFilesAdapter({
"filesSubDirectory": "my/files/folder", // Optional, defaults to `./files`
"encryptionKey": "newKey" // Use the new key
});
var api = new ParseServer({
appId: 'my_app',
masterKey: 'master_key',
filesAdapter: fsAdapter
});
const { rotated, notRotated } = await api.filesAdapter.rotateEncryptionKey();
console.log('Files rotated to newKey: ' + rotated);
console.log('Files that couldn\'t be rotated to newKey: ' + notRotated);
After successfully rotating your key, you should change the encryptionKey
to newKey
on your production server and then restart the server.
To encrypt files with a new key that were previously encrypted with a different key, the same process applies as above, but you pass in your oldKey
to rotateEncryptionKey()
.
const {rotated, notRotated} = await api.filesAdapter.rotateEncryptionKey({oldKey: oldKey});
console.log('Files rotated to newKey: ' + rotated);
console.log('Files that couldn\'t be rotated to newKey: ' + notRotated);
You can also only rotate a select list of files that were previously encrypted with oldKey
and you want to encrypt with newKey
. This is useful if for some reason there errors and some of the files werent rotated and returned in notRotated
. The same process as above, but pass in your oldKey
along with the array of fileNames
to rotateEncryptionKey()
.
const { rotated, notRotated } = await api.filesAdapter.rotateEncryptionKey({ oldKey: oldKey, fileNames: ["fileName1.png","fileName2.png"] });
console.log('Files rotated to newKey: ' + rotated);
console.log('Files that couldn\'t be rotated to newKey: ' + notRotated);
Multiple Instances of Parse Server
When using the adapter across multiple Parse Server instances it's important to establish "centralization" of your file storage (this is the same premise as the other file adapters, you are sending/receiving files through a dedicated link). You can accomplish this at the file storage level by Samba mounting (or any other type of mounting) your storage to each of your parse-server instances, e.g if you are using parse-server via docker (volume mount your SMB drive to - /Volumes/SMB-Drive/MyParseApp1/files:/parse-server/files
). All parse-server instances need to be able to read and write to the same storage in order for parse-server-fs-adapter to work properly with parse-server. If the file storage isn't centralized, parse-server will have trouble locating files and you will get random behavior on client-side.
FAQs
File system adapter for parse-server
The npm package @parse/fs-files-adapter receives a total of 24,270 weekly downloads. As such, @parse/fs-files-adapter popularity was classified as popular.
We found that @parse/fs-files-adapter demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
A clarification on our recent research investigating 60 malicious Ruby gems.
Security News
ESLint now supports parallel linting with a new --concurrency flag, delivering major speed gains and closing a 10-year-old feature request.
Research
/Security News
A malicious Go module posing as an SSH brute forcer exfiltrates stolen credentials to a Telegram bot controlled by a Russian-speaking threat actor.