Security News
Oracle Drags Its Feet in the JavaScript Trademark Dispute
Oracle seeks to dismiss fraud claims in the JavaScript trademark dispute, delaying the case and avoiding questions about its right to the name.
By Sarah Gooding - Feb 07, 2025
New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
Oso
What is Oso?
Oso is a batteries-included framework for building authorization in your application.
With Oso, you can:
- Model: Set up common permissions patterns like role-based access control (RBAC) and relationships using Oso’s built-in primitives. Extend them however you need with Oso’s declarative policy language, Polar.
- Filter: Go beyond yes/no authorization questions. Implement authorization over collections too - e.g., “Show me only the records that Juno can see.”
- Test: Write unit tests over your authorization logic now that you have a single interface for it. Use the Oso debugger or REPL to track down unexpected behavior.
Oso offers libraries for Node.js, Python, Go, Rust, Ruby, and Java.
Our latest creation Oso Cloud (Preview) makes authorization across services as easy as oso.authorize(user, action, resource). Learn about it.
Documentation
- To get up and running with Oso, try the Getting Started guide.
- Full documentation is available at docs.osohq.com.
- Check out Use Cases to learn more about how teams are using Oso in production.
- To learn about authorization best practices (not specific to Oso), read the Authorization Academy guides.
Community & Support
If you have any questions on Oso or authorization more generally, you can join our engineering team & hundreds of other developers using Oso in our community Slack:
Share your story
We'd love to hear about your use case and experience with Oso. Share your story in our Success Stories issue or fill out this form for some Oso swag.
Development
Core
Oso's Rust core is developed against Rust's latest stable release.
Language libraries
Oso's language libraries can be developed without touching the Rust core, but you will still need the Rust stable toolchain installed in order to build the core.
To build the WebAssembly core for the Node.js library, you will need to have
wasm-pack installed and available on your system PATH.
Language requirements
To work on a language library, you will need to meet the following version requirements:
- Java: 10+
- Maven: 3.6+
- Node.js: 12.20.0+
- Yarn 1.22+
- Python: 3.7+
- Ruby: 2.4+
- Bundler 2.1.4+
- Rust: 1.46+
- Go: 1.14+
Contributing & Jobs
See: CONTRIBUTING.md.
If you want to work on the Oso codebase full-time, visit our jobs page.
License
See: LICENSE.
FAQs
oso authorization library.
The npm package oso receives a total of 1,432 weekly downloads. As such, oso popularity was classified as popular.
We found that oso demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 5 open source maintainers collaborating on the project.
Package last updated on 05 Aug 2022
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Linux Foundation Warns Open Source Developers: Compliance with Sanctions Is Not Optional
The Linux Foundation is warning open source developers that compliance with global sanctions is mandatory, highlighting legal risks and restrictions on contributions.
By Sarah Gooding - Feb 06, 2025
Security News
Maven Central Adds Sigstore Signature Validation
Maven Central now validates Sigstore signatures, making it easier for developers to verify the provenance of Java packages.
By Sarah Gooding - Feb 06, 2025