Research
PyPI Package Disguised as Instagram Growth Tool Harvests User Credentials
A deceptive PyPI package posing as an Instagram growth tool collects user credentials and sends them to third-party bot services.
By Kush Pandya - Jun 06, 2025
🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more →
bitbucket-server-nodejs-wh
Advanced tools
Rest client for Atlassian client
Provides access to some of client's APIs.
Installation
npm install bitbucket-server-nodejs
Initializing Client
Supports public, basic auth and OAuth1.
Specify auth's type as 'public', 'basic' or 'oauth'. Defaults to 'public'.
var Client = require('bitbucket-server-nodejs').Client;
- BASIC AUTH -
var auth = {
"type": "basic",
"username": "username",
"password": "password"
};
- OR OAUTH1 -
var auth = {
"type": "oauth",
"consumer_secret": "consumer_secret",
"signature_method": "signature_method",
"token": "token",
"token_secret": "token_secret"
};
- OR NO AUTH AT ALL, FOR PUBLIC ACCESS -
var client = new Client('http://localhost:7990/rest/api/1.0');
- OR -
var client = new Client('http://localhost:7990/rest/api/1.0', auth);
APIS
projects
Get all projects.
client.projects.get(); // Promise
repos
Get all repos for a project.
client.repos.get(projectKey); // Promise
Get all repos, using pagination.
client.repos.getAll(); // Promise
Get all repos for all projects.
client.repos.getCombined(); // Promise
Get one repo for a project.
client.repos.getRepo(projectKey, repo); // Promise
branches
Get all branches for a repo.
client.branches.get(projectKey, repoKey); // Promise
To get branches from a user repo rather than a project repo, use user's slug as the project key, prepended by '~'.
client.branches.get('~userslug', repoKey); // Promise
tags
Get all tags for a repo.
client.tags.get(projectKey, repoKey); // Promise
To get tags from a user repo rather than a project repo, use user's slug as the project key, prepended by '~'.
client.tags.get('~userslug', repoKey); // Promise
pull requests
Get all pull requests for a repo.
client.prs.get(projectKey, repoSlug); // Promise
Get all pull requests for a project.
client.prs.getCombined(projectKey); // Promise
Get all pull requests on all projects.
client.prs.getCombined(); // Promise
Get all pull requests by a specific author.
client.prs.getCombined(null, null, { author: "ben" }); // Promise
Get all pull requests in a specific state (defaults OPEN).
client.prs.getCombined(null, null, { state: "MERGED" }); // Promise
Possible states: ALL, OPEN, DECLINED or MERGED.
hooks
Get all hooks for a repo.
client.hooks.get(projectKey, repoSlug); // Promise
Get all pre-recieve hooks.
client.hooks.getPreReceive(projectKey, repoSlug); // Promise
Get all post-recieve hooks.
client.hooks.getPostReceive(projectKey, repoSlug); // Promise
Get details for a single hook.
client.hooks.getHook(projectKey, repoSlug, hookKey); // Promise
webhooks
Get all webhooks for a repo.
client.webhooks.get(projectKey, repoSlug); // Promise
Create a single webhook.
client.webhooks.createWebhook(projectKey, repoSlug, webhookDetails); // Promise
Get details for a single webhook.
client.webhooks.getWebhook(projectKey, repoSlug, webhookId); // Promise
Delete a single webhook.
client.webhooks.deleteWebhook(projectKey, repoSlug, webhookId); // Promise
settings
Get user's settings. Username and Password must be valid.
client.settings.get(username); // Promise
users
Get full list of users. You will probably need to have admin access.
client.users.get(); // Promise
Get one user.
client.users.getUser(userSlug); // Promise
API Coverage
- /rest/api/1.0/users [GET]
- /rest/api/1.0/users/{userSlug} [GET]
- /rest/api/1.0/users/{userSlug}/settings [GET]
- /rest/api/1.0/projects [GET]
- /rest/api/1.0/projects/{projectKey}/repos [GET]
- /rest/api/1.0/projects/{projectKey}/repos/{repositorySlug} [GET]
- /rest/api/1.0/projects/{projectKey}/repos/{repositorySlug}/browse [GET]
- /rest/api/1.0/projects/{projectKey}/repos/{repositorySlug}/branches [GET]
- /rest/api/1.0/projects/{projectKey}/repos/{repositorySlug}/pull-requests [GET]
- /rest/api/1.0/projects/{projectKey}/repos/{repositorySlug}/settings/hooks [GET]
- /rest/api/1.0/projects/{projectKey}/repos/{repositorySlug}/settings/hooks/{hookKey}/enabled [PUT]
- /rest/api/1.0/projects/{projectKey}/repos/{repositorySlug}/webhooks [GET,POST]
- /rest/api/1.0/projects/{projectKey}/repos/{repositorySlug}/webhooks/{webhookId} [GET,DELETE]
- /rest/api/1.0/projects/{projectKey}/repos/{repositorySlug}/tags [GET]
FAQs
Provides access to some of Bitbucket-Server's APIs.
The npm package bitbucket-server-nodejs-wh receives a total of 0 weekly downloads. As such, bitbucket-server-nodejs-wh popularity was classified as not popular.
We found that bitbucket-server-nodejs-wh demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 23 Apr 2018
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Product
Socket Now Supports pylock.toml Files
Socket now supports pylock.toml, enabling secure, reproducible Python builds with advanced scanning and full alignment with PEP 751's new standard.
By Trevor Norris - Jun 05, 2025
Security News
Research
Destructive npm Packages Disguised as Utilities Enable Remote System Wipe
Socket uncovered two npm packages that register hidden HTTP endpoints to delete all files on command.
By Kush Pandya - Jun 05, 2025