Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
azure-blob-storage
Advanced tools
This library wraps an Azure Blob Storage container which stores objects in JSON format.
DataContainer is a wrapper over Azure Blob Storage container which stores only objects in JSON format. All the objects that will be stored will be validated against the schema that is provided at the creation time of the container.
The constructor of the DataContainer takes the following options:
{
// Azure connection details for use with SAS from auth.taskcluster.net
account: '...', // Azure storage account name
container: 'AzureContainerName', // Azure container name
// TaskCluster credentials
credentials: {
clientId: '...', // TaskCluster clientId
accessToken: '...', // TaskCluster accessToken
},
accessLevel: 'read-write', // The access level of the container: read-only/read-write (optional)
authBaseUrl: '...', // baseUrl for auth (optional)
schema: '...', // JSON schema object
// Max number of update blob request retries
updateRetries: 10,
// Multiplier for computation of retry delay: 2 ^ retry * delayFactor
updateDelayFactor: 100,
// Randomization factor added as:
// delay = delay * random([1 - randomizationFactor; 1 + randomizationFactor])
updateRandomizationFactor: 0.25,
// Maximum retry delay in ms (defaults to 30 seconds)
updateMaxDelay: 30 * 1000,
}
Using the options
format provided above a shared-access-signature will be fetched from auth.taskcluster.net. To fetch the
shared-access-signature the following scope is required:
auth:azure-blob:<level>:<account>/<container>
In case you have the Azure credentials, the options are:
{
// Azure credentials
credentials: {
accountName: '...', // Azure account name
accountKey: '...', // Azure account key
}
}
await container.ensureContainer();
await container.removeContainer();
let blob = await container.listBlobs({
prefix: 'state',
maxResults: 1000,
});
let handler = async (blob) => {
await blob.modify((content) => {
content.version += 1;
});
};
let options = {
prefix: 'state',
};
await container.scanDataBlockBlob(handler, options);
let options = {
name: 'state-blob',
cacheContent: true,
};
let content = {
value: 30,
};
let dataBlob = await container.createDataBlockBlob(options, content);
let options = {
name: 'auth-log',
};
let content = {
user: 'test',
};
let appendBlob = await container.createAppendDataBlob(options, content);
let blob = await container.load(blob, false);
ignoreIfNotExists
to true to ignore the error that is
thrown in case the blob does not exist.
Returns true, if the blob was deleted. It makes sense to read the return value only if ignoreIfNotExists
is set. await container.remove('state-blob', true);
DataBlockBlob is a wrapper over an Azure block blob which stores a JSON data which is conform with schema defined at container level.
AppendDataBlob is a wrapper over an Azure append blob. This type is optimized for fast append operations and all writes happen at the end of the blob. Updating and deleting the existing content is not supported. This type of blob can be used for e.g. logging or auditing.
The constructor of the blob takes the following options:
{
name: '...', // The name of the blob (required)
container: '...', // An instance of DataContainer (required)
contentEncoding: '...', // The content encoding of the blob
contentLanguage: '...', // The content language of the blob
cacheControl: '...', // The cache control of the blob
contentDisposition: '...', // The content disposition of the blob
cacheContent: true|false, // This can be set true in order to keep a reference of the blob content.
// Default value is false
}
The options cacheContent
can be set to true only for DataBlockBlob because, AppendDataBlob does not support the caching
of its content.
let content = {
value: 40,
}
let content = await dataBlob.create(content);
cacheContent
was set. let content = await dataBlob.load();
modifier
is a function that will be called with a clone of the blob
content as first argument and it should apply the changes to the instance of the object passed as argument. let modifier = (data) => {
data.value = 'new value';
};
let options = {
prefix: 'state',
};
await dataBlob.modify(modifier, options);
await logBlob.create();
let content = {
user: 'test2',
}
await logBlob.append(content);
let content = await logBlob.load();
FAQs
azure-blob-storage
We found that azure-blob-storage demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.