Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
libnpmorg
Advanced tools
Readme
libnpmorg
is a Node.js library for
programmatically accessing the npm Org membership
API.
const org = require('libnpmorg')
console.log(await org.ls('myorg', {token: 'deadbeef'}))
=>
Roster {
zkat: 'developer',
iarna: 'admin',
isaacs: 'owner'
}
$ npm install libnpmorg
opts
for libnpmorg
commandslibnpmorg
uses npm-registry-fetch
.
All options are passed through directly to that library, so please refer to its
own opts
documentation
for options that can be passed in.
A couple of options of note for those in a hurry:
opts.token
- can be passed in and will be used as the authentication token for the registry. For other ways to pass in auth details, see the n-r-f docs.opts.otp
- certain operations will require an OTP token to be passed in. If a libnpmorg
command fails with err.code === EOTP
, please retry the request with {otp: <2fa token>}
> org.set(org, user, [role], [opts]) -> Promise
The returned Promise resolves to a Membership Detail object.
The role
is optional and should be one of admin
, owner
, or developer
.
developer
is the default if no role
is provided.
org
and user
must be scope names for the org name and user name
respectively. They can optionally be prefixed with @
.
See also: PUT /-/org/:scope/user
await org.set('@myorg', '@myuser', 'admin', {token: 'deadbeef'})
=>
MembershipDetail {
org: {
name: 'myorg',
size: 15
},
user: 'myuser',
role: 'admin'
}
> org.rm(org, user, [opts]) -> Promise
The Promise resolves to null
on success.
org
and user
must be scope names for the org name and user name
respectively. They can optionally be prefixed with @
.
See also: DELETE /-/org/:scope/user
await org.rm('myorg', 'myuser', {token: 'deadbeef'})
> org.ls(org, [opts]) -> Promise
The Promise resolves to a Roster object.
org
must be a scope name for an org, and can be optionally prefixed with @
.
See also: GET /-/org/:scope/user
await org.ls('myorg', {token: 'deadbeef'})
=>
Roster {
zkat: 'developer',
iarna: 'admin',
isaacs: 'owner'
}
> org.ls.stream(org, [opts]) -> Stream
Returns a stream of entries for a
Roster,
with each emitted entry in [key, value]
format.
org
must be a scope name for an org, and can be optionally prefixed with @
.
The returned stream is a valid Symbol.asyncIterator
.
See also: GET /-/org/:scope/user
for await (let [user, role] of org.ls.stream('myorg', {token: 'deadbeef'})) {
console.log(`user: ${user} (${role})`)
}
=>
user: zkat (developer)
user: iarna (admin)
user: isaacs (owner)
FAQs
Programmatic api for `npm org` commands
The npm package libnpmorg receives a total of 590,363 weekly downloads. As such, libnpmorg popularity was classified as popular.
We found that libnpmorg demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.