Security News
The Dark Side of Open Source
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
appcenter-file-upload-client
Advanced tools
Readme
FileUploadClient
- client to simplify upload process for AppCenter needs using Microsoft file upload servicenpm install
npm run build
There are a bunch of scripts in package.json file. Here's what they are and what they do:
Script command | What it does |
---|---|
npm run build | Compiles the typescript into javascript, creates dist directory. |
npm run clean | Cleans up any compilation output. |
npm run prepublish | Clean dist folder, compiles ts and moves js to dist folder. |
There will be more over time.
If you don't already have a user account in npm, go to your terminal and type in npm adduser
and follow the instructions to create an account.
Go to npmjs.com/package/appcenter-file-upload-client
to view the list of admins.
Ask one of the current admins to add you to the package as an admin in npm.
Wait 30 minutes after getting added to the package and then go to your terminal and type.
npm run prepublish
npm publish
If you have auth issues when running these commands type npm login
in your terminal and follow the instructions to log in.
After importing, file-upload-client
module could be used by calling upload
method, accepting the following object:
interface IFileUploadClientSettings {
assetId: string;
assetDomain: string;
assetToken: string;
filePath: string;
useLogging?: boolean;
onProgressChanged?(progress: IProgress): void;
onMessage?(errorMessage: string, MessageLevel: MessageLevel): void;
onStateChanged?(status: FileUploadServiceState): void;
}
NOTE: assetId/assetDomain/assetToken should be provided by File Upload Service.
The upload events adds useful hooks to track upload process.
const fileUploadData = {
assetId: "",
assetToken: "",
assetUploadDomian: ""
};
Example Usage:
new FileUploadClient().upload(<IFileUploadClientSettings>{
onMessage: (uploadMessage: string, messageLevel: MessageLevel) => {
console.log(`Upload message: ${uploadMessage}`);
},
onProgressChanged: (progressData: IProgress) => {
console.log(`Upload progress: ${progressData.percentCompleted}`);
},
assetId: fileUploadData.assetId,
assetDomain: fileUploadData.assetUploadDomian,
assetToken: fileUploadData.assetToken,
filePath: FILE_PATH
}).then((uploadResult: IUploadResults) => {
console.log("Wow, upload completed, use this URL to download file: ", uploadResult.downloadUrl);
}).catch((error: FileUploadError) => {
console.log('An error occured: ', error.message);
});
Example Usage:
const uploadClient = new FileUploadClient({ ... });
uploadClient.upload( { ... });
uploadClient.cancel();
Example Usage:
const uploadClient = new FileUploadClient({ ... });
const isInProgress = uploadClient.isUploadInProgress();
FAQs
Upload client for App Center services
The npm package appcenter-file-upload-client receives a total of 181,478 weekly downloads. As such, appcenter-file-upload-client popularity was classified as popular.
We found that appcenter-file-upload-client demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 7 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
Research
Security News
The Socket Research team found this npm package includes code for collecting sensitive developer information, including your operating system username, Git username, and Git email.
Security News
OpenJS is warning of social engineering takeovers targeting open source projects after receiving a credible attempt on the foundation.