
Research
PyPI Package Disguised as Instagram Growth Tool Harvests User Credentials
A deceptive PyPI package posing as an Instagram growth tool collects user credentials and sends them to third-party bot services.
bitbucket-server-nodejs-wh
Advanced tools
Provides access to some of client's APIs.
npm install bitbucket-server-nodejs
Supports public, basic auth and OAuth1.
Specify auth's type as 'public', 'basic' or 'oauth'. Defaults to 'public'.
var Client = require('bitbucket-server-nodejs').Client;
- BASIC AUTH -
var auth = {
"type": "basic",
"username": "username",
"password": "password"
};
- OR OAUTH1 -
var auth = {
"type": "oauth",
"consumer_secret": "consumer_secret",
"signature_method": "signature_method",
"token": "token",
"token_secret": "token_secret"
};
- OR NO AUTH AT ALL, FOR PUBLIC ACCESS -
var client = new Client('http://localhost:7990/rest/api/1.0');
- OR -
var client = new Client('http://localhost:7990/rest/api/1.0', auth);
Get all projects.
client.projects.get(); // Promise
Get all repos for a project.
client.repos.get(projectKey); // Promise
Get all repos, using pagination.
client.repos.getAll(); // Promise
Get all repos for all projects.
client.repos.getCombined(); // Promise
Get one repo for a project.
client.repos.getRepo(projectKey, repo); // Promise
Get all branches for a repo.
client.branches.get(projectKey, repoKey); // Promise
To get branches from a user repo rather than a project repo, use user's slug as the project key, prepended by '~'.
client.branches.get('~userslug', repoKey); // Promise
Get all tags for a repo.
client.tags.get(projectKey, repoKey); // Promise
To get tags from a user repo rather than a project repo, use user's slug as the project key, prepended by '~'.
client.tags.get('~userslug', repoKey); // Promise
Get all pull requests for a repo.
client.prs.get(projectKey, repoSlug); // Promise
Get all pull requests for a project.
client.prs.getCombined(projectKey); // Promise
Get all pull requests on all projects.
client.prs.getCombined(); // Promise
Get all pull requests by a specific author.
client.prs.getCombined(null, null, { author: "ben" }); // Promise
Get all pull requests in a specific state (defaults OPEN).
client.prs.getCombined(null, null, { state: "MERGED" }); // Promise
Possible states: ALL, OPEN, DECLINED or MERGED.
Get all hooks for a repo.
client.hooks.get(projectKey, repoSlug); // Promise
Get all pre-recieve hooks.
client.hooks.getPreReceive(projectKey, repoSlug); // Promise
Get all post-recieve hooks.
client.hooks.getPostReceive(projectKey, repoSlug); // Promise
Get details for a single hook.
client.hooks.getHook(projectKey, repoSlug, hookKey); // Promise
Get all webhooks for a repo.
client.webhooks.get(projectKey, repoSlug); // Promise
Create a single webhook.
client.webhooks.createWebhook(projectKey, repoSlug, webhookDetails); // Promise
Get details for a single webhook.
client.webhooks.getWebhook(projectKey, repoSlug, webhookId); // Promise
Delete a single webhook.
client.webhooks.deleteWebhook(projectKey, repoSlug, webhookId); // Promise
Get user's settings. Username and Password must be valid.
client.settings.get(username); // Promise
Get full list of users. You will probably need to have admin access.
client.users.get(); // Promise
Get one user.
client.users.getUser(userSlug); // Promise
FAQs
Provides access to some of Bitbucket-Server's APIs.
The npm package bitbucket-server-nodejs-wh receives a total of 0 weekly downloads. As such, bitbucket-server-nodejs-wh popularity was classified as not popular.
We found that bitbucket-server-nodejs-wh demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
A deceptive PyPI package posing as an Instagram growth tool collects user credentials and sends them to third-party bot services.
Product
Socket now supports pylock.toml, enabling secure, reproducible Python builds with advanced scanning and full alignment with PEP 751's new standard.
Security News
Research
Socket uncovered two npm packages that register hidden HTTP endpoints to delete all files on command.