Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
auth0-bundler
Advanced tools
Bundle rules, scripts and hooks to deploy them to Auth0.
This allows you to
require
statements with relative file paths. This way common functionality can be shared between rules.createBundler
const createBundler = require('auth0-bundler');
const bundler = createBundler(options);
nodeVersion
: the node version that should be targeted (used for @babel/preset-env
), the default is 4
Bundles a single script, rule or hook so it can be deployed to Auth0. The rule needs to be written as a commonjs
module that exports a single function. This function takes an additional first parameter compared to being defined in Auth0: The injectedConfig
that can be specified at bundle time. Modules required from the node_modules
folder will not be bundled and will be required in the Auth0 environment as well. Auth0 provides a number of modules inside the Auth0 environment, to check whether a module can be required check webtaskio-canirequire.
Example:
Rule:
// my-rule.js
// Example rule to be deployed to auth0
// This dependency will be automatically bundled into the rule
const doRequest = require('../common/function');
// This dependency will be loaded using require
const R = require('ramda');
module.exports = function myRule(config, user, context, callback) {
return doRequest(`${config.baseUrl}/some/endpoint`, user).then(function (result) {
callback(null, R.merge({ some: 'result' }, result), context);
});
};
Bundle dependencies:
const createBundler = require('auth0-bundler');
const bundler = createBundler();
const config = { baseUrl: 'https://www.example.com' };
bundler
.bundleRule(config, `${__dirname}/my-rule.js`)
.then(console.log);
This is an example on how to use auth0-bundler and the Auth0 Management API client to automatically deploy a rule using auth0-bundler. Like this you can automatically deploy rules e.g. during a CI run.
const ManagementClient = require('auth0').ManagementClient;
const management = new ManagementClient({
token: '{YOUR_API_V2_TOKEN}',
domain: '{YOUR_ACCOUNT}.auth0.com'
});
const createBundler = require('auth0-bundler');
const bundler = createBundler();
const config = { baseUrl: 'https://www.example.com' };
bundler.bundleRule(config, `${__dirname}/my-rule.js`).then((bundledRule) => {
return management.createRule({
enabled: true,
name: 'my-rule',
order: 1,
stage: 'login_success',
script: bundledRule
});
});
This project is licensed under the MIT license. See the LICENSE file for more info.
1.3.1 (September 2, 2020)
createBundle
functionFAQs
Bundle rules, scripts and hooks to deploy them to Auth0.
The npm package auth0-bundler receives a total of 3 weekly downloads. As such, auth0-bundler popularity was classified as not popular.
We found that auth0-bundler demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 8 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.