next-auth icon indicating copy to clipboard operation
next-auth copied to clipboard
verified publisher icon nextauthjs

feat(adapter): Adding Azure CosmosDb Adapter for CosmosDb support

Open rubenmamo opened this issue 1 year ago • 5 comments

☕️ Reasoning

  • Adding support for storing authentication data in Azure CosmosDb.
  • Tests are executed for each different partition key strategy

🧢 Checklist

  • [x] Documentation
  • [x] Tests
  • [x] Ready to be merged

🎫 Affected issues

📌 Resources

rubenmamo avatar Jul 20 '24 13:07 rubenmamo

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
auth-docs ✅ Ready (Inspect) Visit Preview 💬 Add feedback Aug 5, 2024 9:38am
1 Skipped Deployment
Name Status Preview Comments Updated (UTC)
next-auth-docs ⬜️ Ignored (Inspect) Visit Preview Aug 5, 2024 9:38am

vercel[bot] avatar Jul 20 '24 13:07 vercel[bot]

@rubenmamo is attempting to deploy a commit to the authjs Team on Vercel.

A member of the Team first needs to authorize it.

vercel[bot] avatar Jul 20 '24 13:07 vercel[bot]

I have kept the same single file approach as for the Prisma and Azure Table Storage adapters. I'm happy to refactor and split in different files if you prefer such a change for better readability.

rubenmamo avatar Jul 20 '24 13:07 rubenmamo

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Alert Package NoteCI
Telemetry npm/[email protected]
  • Note: Can be disabled by setting the environment variable NEXT_TELEMETRY_DISABLED=1 . See https://nextjs.org/telemetry for more information
🚫
AI detected potential malware npm/[email protected]
  • Notes: The primary concern in the code is the use of vm.runInNewContext to execute file content, which can lead to arbitrary code execution if the file content is not trusted. This warrants a higher risk score. However, there is no evidence of malware or obfuscation in the code.
  • Confidence: 0.60
  • Severity: 0.90
🚫

View full report↗︎

Next steps

What is telemetry?

This package contains telemetry which tracks how it is used.

Most telemetry comes with settings to disable it. Consider disabling telemetry if you do not want to be tracked.

What is AI detected malware?

AI has identified this package as malware. This is a strong signal that the package may be malicious.

Given the AI system's identification of this package as malware, extreme caution is advised. It is recommended to avoid downloading or installing this package until the threat is confirmed or flagged as a false positive.

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/[email protected] or ignore all packages with @SocketSecurity ignore-all

socket-security[bot] avatar Jul 20 '24 13:07 socket-security[bot]

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package New capabilities Transitives Size Publisher
npm/@types/[email protected] None 0 6.99 kB types
npm/@types/[email protected] None 0 6.67 kB types
npm/@typescript-eslint/[email protected] None 0 17.8 kB bradzacher, jameshenry
npm/[email protected] environment, filesystem 0 24.9 kB motdotla
npm/[email protected] environment, filesystem, network, shell 0 505 kB andris

View full report↗︎

socket-security[bot] avatar Jul 28 '24 06:07 socket-security[bot]

It looks like this issue did not receive any activity for 60 days. It will be closed in 7 days if no further activity occurs. If you think your issue is still relevant, commenting will keep it open. Thanks!

stale[bot] avatar Jan 21 '25 23:01 stale[bot]

To keep things tidy, we are closing this issue for now. If you think your issue is still relevant, leave a comment and we might reopen it. Thanks!

stale[bot] avatar Jan 31 '25 23:01 stale[bot]