Product
Announcing Bun and vlt Support in Socket
Bringing supply chain security to the next generation of JavaScript package managers
By Ricky Reusser, Eli Insua -  Nov 19, 2025
🚀 DAY 3 OF LAUNCH WEEK:Announcing Bun and vlt Support in Socket.Learn more →
@zrpaplicacoes/strapi-provider-upload-do
Advanced tools
Strapi Upload Provider for Digital Ocean Spaces
This provider will upload to the space using the AWS S3 API
Parameters
- key : Space access key
- secret : Space access secret
- endpoint : Base URL of the space (e.g.
fra.digitaloceanspaces.com) - space : Name of the space in the Digital Ocean panel.
- directory : Name of the sub-directory you want to store your files in. (Optionnal - e.g.
/example) - cdn : CDN Endpoint - URL of the cdn of the space (Optionnal - e.g.
cdn.example.com)
How to use
- Install this package using npm or yarn
npm i strapi-provider-upload-dos
yarn add strapi-provider-upload-dos
- Create config in
./config/pluginswith content (create if not exist (plugins.js))
module.exports = {
upload: {
config: {
provider: "strapi-provider-upload-dos",
providerOptions: {
key: process.env.DO_SPACE_ACCESS_KEY,
secret: process.env.DO_SPACE_SECRET_KEY,
endpoint: process.env.DO_SPACE_ENDPOINT,
space: process.env.DO_SPACE_BUCKET,
directory: process.env.DO_SPACE_DIRECTORY,
cdn: process.env.DO_SPACE_CDN,
},
},
},
};
- Create
.envand add to them
DO_SPACE_ACCESS_KEY
DO_SPACE_SECRET_KEY
DO_SPACE_ENDPOINT
DO_SPACE_BUCKET
DO_SPACE_DIRECTORY
DO_SPACE_CDN
with values obtained from tutorial:
https://www.digitalocean.com/community/tutorials/how-to-create-a-digitalocean-space-and-api-key
Parameter DO_SPACE_DIRECTORY and DO_SPACE_CDN is optional and you can ommit them both in .env and settings.
Modify the CSP roules and define the source
config/middlewares.js
module.exports = [
"strapi::errors",
{
name: "strapi::security",
config: {
contentSecurityPolicy: {
useDefaults: true,
directives: {
"connect-src": ["'self'", "https:"],
"img-src": [
"'self'",
"data:",
"blob:",
"*.digitaloceanspaces.com"
],
"media-src": ["'self'", "data:", "blob:"],
upgradeInsecureRequests: null,
},
},
},
},
"strapi::cors",
"strapi::poweredBy",
"strapi::logger",
"strapi::query",
"strapi::body",
"strapi::favicon",
"strapi::public",
];
Resources
Links
FAQs
Strapi Provider for Digital Ocean Spaces
We found that @zrpaplicacoes/strapi-provider-upload-do demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 7 open source maintainers collaborating on the project.
Package last updated on 09 May 2022
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Product
Announcing Socket Certified Patches: One-Click Fixes for Vulnerable Dependencies
A safer, faster way to eliminate vulnerabilities without updating dependencies
By Mikola Lysenko, Jordan Harband, Jonah Ghebremichael -  Nov 18, 2025
Product
Reachability for Ruby Now in Beta
Reachability analysis for Ruby is now in beta, helping teams identify which vulnerabilities are truly exploitable in their applications.
By Oskar Haarklou Veileborg -  Nov 17, 2025