🚀 Socket Launch Week Day 5:Introducing Repository Access Permissions and Custom Roles.Learn more
Sign In

@vercel/oidc

Package Overview
Dependencies
Maintainers
3
Versions
24
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@vercel/oidc - npm Package Compare versions

Comparing version
3.3.0-canary.20260211174907.cdd2da6
to
3.3.0
+20
-0
CHANGELOG.md
# @vercel/oidc
## 3.3.0
### Minor Changes
- 24686d0: Add configurable auth token storage with keyring-backed persistence and file fallback support.
### Patch Changes
- 56c9f89: add missing prettier dev dependency
- Updated dependencies [24686d0]
- Updated dependencies [d36ee35]
- Updated dependencies [56c9f89]
- @vercel/cli-auth@0.1.0
## 3.2.1
### Patch Changes
- Pin `typedoc-plugin-markdown` to `3.15.2` and `typedoc-plugin-mdn-links` to `3.0.3` to match the version used by `@vercel/edge`. The previous `4.1.2` version requires `typedoc@0.26.x` as a peer dependency but was paired with `typedoc@0.24.6`, which caused CI failures whenever pnpm hoisted the 4.x plugin (the plugin calls `app.internationalization.addTranslations`, which does not exist in typedoc 0.24). The choice of which plugin version got hoisted was non-deterministic, which is why the failure appeared as flaky `Build @vercel/<pkg>` steps in CI. ([#16072](https://github.com/vercel/vercel/pull/16072))
## 3.2.0

@@ -4,0 +24,0 @@

+3
-1
/**
* Auth configuration stored in ~/.../com.vercel.cli/auth.json
* Auth configuration stored in ~/.../com.vercel.cli/auth.json or OS keyring
*/
export interface AuthConfig {
'// Note'?: string;
'// Docs'?: string;
/** An `access_token` obtained using the OAuth Device Authorization flow. */

@@ -6,0 +8,0 @@ token?: string;

"use strict";
var __create = Object.create;
var __defProp = Object.defineProperty;
var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
var __getOwnPropNames = Object.getOwnPropertyNames;
var __getProtoOf = Object.getPrototypeOf;
var __hasOwnProp = Object.prototype.hasOwnProperty;

@@ -20,10 +18,2 @@ var __export = (target, all) => {

};
var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
// If the importer is in node compatibility mode or this is not an ESM
// file that has been converted to a CommonJS file using a Babel-
// compatible transform (i.e. "__esModule" has not been set), then set
// "default" to the CommonJS "module.exports" for node compatibility.
isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
mod
));
var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);

@@ -37,6 +27,10 @@ var auth_config_exports = {};

module.exports = __toCommonJS(auth_config_exports);
var fs = __toESM(require("fs"));
var path = __toESM(require("path"));
var import_token_util = require("./token-util");
function getAuthConfigPath() {
const {
clearAllCredentialsStrict,
hasCredentials,
readCredentials,
writeCredentials
} = require("@vercel/cli-auth/credentials-store.js");
function getAuthConfigDir() {
const dataDir = (0, import_token_util.getVercelDataDir)();

@@ -48,16 +42,8 @@ if (!dataDir) {

}
return path.join(dataDir, "auth.json");
return dataDir;
}
function readAuthConfig() {
try {
const authPath = getAuthConfigPath();
if (!fs.existsSync(authPath)) {
return null;
}
const content = fs.readFileSync(authPath, "utf8");
if (!content) {
return null;
}
return JSON.parse(content);
} catch (error) {
return readCredentials(getAuthConfigDir());
} catch (_error) {
return null;

@@ -67,8 +53,7 @@ }

function writeAuthConfig(config) {
const authPath = getAuthConfigPath();
const authDir = path.dirname(authPath);
if (!fs.existsSync(authDir)) {
fs.mkdirSync(authDir, { mode: 504, recursive: true });
if (hasCredentials(config)) {
writeCredentials(getAuthConfigDir(), config);
return;
}
fs.writeFileSync(authPath, JSON.stringify(config, null, 2), { mode: 384 });
clearAllCredentialsStrict(getAuthConfigDir());
}

@@ -75,0 +60,0 @@ function isValidAccessToken(authConfig, expirationBufferMs = 0) {

@@ -57,2 +57,6 @@ "use strict";

});
fs.writeFileSync(
path.join(cliDataDir, "config.json"),
JSON.stringify({ authTokenStorage: "file" })
);
import_vitest.vi.spyOn(process, "cwd").mockReturnValue(rootDir);

@@ -59,0 +63,0 @@ import_vitest.vi.mocked(import_token_io.findRootDir).mockReturnValue(rootDir);

@@ -49,3 +49,3 @@ "use strict";

}
} catch (e) {
} catch (_e) {
throw new import_token_error.VercelOidcTokenError(

@@ -52,0 +52,0 @@ "Token refresh only supported in node server environments"

@@ -52,4 +52,11 @@ "use strict";

});
fs.writeFileSync(path.join(cliDataDir, "auth.json"), '{token: "test"}');
fs.writeFileSync(
path.join(cliDataDir, "config.json"),
JSON.stringify({ authTokenStorage: "file" })
);
fs.writeFileSync(
path.join(cliDataDir, "auth.json"),
JSON.stringify({ token: "test" })
);
fs.writeFileSync(
path.join(rootDir, ".vercel", "project.json"),

@@ -56,0 +63,0 @@ JSON.stringify({ projectId })

@@ -20,3 +20,3 @@ {

},
"version": "3.3.0-canary.20260211174907.cdd2da6",
"version": "3.3.0",
"repository": {

@@ -30,7 +30,11 @@ "directory": "packages/oidc",

},
"dependencies": {
"@vercel/cli-auth": "0.1.0"
},
"devDependencies": {
"prettier": "3.8.3",
"tinyspawn": "1.3.1",
"typedoc": "0.24.6",
"typedoc-plugin-markdown": "4.1.2",
"typedoc-plugin-mdn-links": "3.2.3",
"typedoc-plugin-markdown": "3.15.2",
"typedoc-plugin-mdn-links": "3.0.3",
"typescript": "4.9.5",

@@ -37,0 +41,0 @@ "vitest": "2.0.1"