npmpackage.info

Gathering detailed insights and metrics for cocoa

Other packages similar to cocoa

cocoa-logger

1.5.1

Wrapper to winston logger dependencies

@snyk/snyk-cocoapods-plugin

2.6.0

Snyk CLI CocoaPods plugin

cocoa-config

1.4.0

Wrapper to yaml dependencies to serialize and deserialize objects into yaml files

@snyk/cocoapods-lockfile-parser

3.10.0

Generate a Snyk dependency graph from a Podfile.lock file

Gathering detailed insights and metrics for cocoa

cocoa

Password generator service

4.0.1

BSD-3-Clause

JavaScript

904.00 B

12,373 1.7

Installations

npm install cocoa

Developer Guide

BETA

Typescript

No

Module System

CommonJS

Min. Node Version

>= 7.0.0

Node Version

8.2.1

NPM Version

5.3.0 Score

40.6

Supply Chain

Quality

68.4

Maintenance

Vulnerability

95.8

License

Pull Requests

Open

0

Total

1

Closed

0

Merged

1

Issues

Open

0

Total

2

Closed

2

Releases

Unable to fetch releases

Contributors

Unable to fetch Contributors

View all 2 contributors

Languages

JavaScript

JavaScript (100%)

Love this project? Help keep it running — sponsor us today! 🚀

Developer

avoidwork

Download Statistics

Total Downloads

12,373

Last Day

Last Week

Last Month

101

Last Year

862

GitHub Statistics

6 Stars

54 Commits

2 Forks

4 Watching

2 Branches

2 Contributors

Bundle Size

2.10 kB

Minified

904.00 B

Minified + Gzipped

Bundlephobia

Maintainers

Package Meta Information

Latest Version

4.0.1

Package Id

cocoa@4.0.1

Size

6.55 kB

NPM Version

5.3.0

Node Version

8.2.1

Total Downloads

Cumulative downloads

Total Downloads

12,373

Last day

100%

Compared to previous day

Last week

2.9%

Compared to previous week

Last month

215.6%

101

Compared to previous month

Last year

-12.9%

862

Compared to previous year

Daily Downloads

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

mpass nodemailer tenso tiny-defer

Dev Dependencies

grunt grunt-cli grunt-contrib-watch grunt-eslint grunt-mocha-test grunt-nsp mocha tiny-httptest

Versions

cocoa

Password generator service

demo graphic

What can cocoa do for me?

cocoa is a service which can generate 1 or many passwords using a mnemonic word list, and email you the result(s). The password(s) is not logged, or saved anywhere.

How do I run cocoa?

cocoa can be up and running in 3 steps! When run in a production environment, it's recommended that you use NGINX to terminate SSL, and reverse proxy to cocoa. Using a daemon like upstart (on Linux) to run cocoa is ideal.

Clone this repository, or install from npm:
1. $ npm install cocoa
2. $ ln -s node_modules/cocoa/config.json config.json
3. $ ln -s node_modules/cocoa/index.js index.js
(Optional) Edit config.json to configure your email server, etc.
Run via node index.js.

Upstart

Use the provided upstart recipe: sudo sh -c 'cp node_modules/cocoa/cocoa.conf /etc/init; service cocoa start;'

Systemd

Use the provided systemd service: sudo sh -c 'cp node_modules/cocoa/cocoa.service /etc/systemd/system; systemctl enable cocoa; systemctl start cocoa;'

What about Windows?

It runs great on Windows, but you're on your own to daemonize it!

Request parameters

words

Integer (3) The amount of words to use

min

Integer (0) Minimum length of the password

max

Integer (0) Maximum length of the password

passwords

Integer (1) The amount of passwords to generate

special

Boolean (false) Randomly adds common "special" characters to a password, including capitalization

Configuration

{
    "auth": /* Optional, see tenso authentication section */
    "compress": false, /* Optional, enabled by default, disabled with SSL */
    "email": { /* Optional, disabled by default */
        "enabled": true,
        "host": "smtp.host",
        "port": 465,
        "secure": true,
        "from": "You <you@yourdomain>",
        "user": "you@yourdomain",
        "pass": "password"
    },
    "headers": { ... }, /* Optional, custom headers */
    "hostname": "localhost", /* Optional, default is 'localhost' */
    "json": 2, /* Optional, default indent for 'pretty' JSON */
    "logging": { /* Optional */
        "level": "info",
        "enabled": true
    },
    "port": 9090, /* Optional, default is 9090 */
    "rate": {
        "enabled": true,
        "limit": 450, /* Maximum requests allowed before `reset` */
        "reset": 900, /* TTL in seconds */
        "status": 429, /* Optional HTTP status */
        "message": "Too many requests",  /* Optional error message */
        "override": function ( req, rate ) { ... } /* Override the default rate limiting */
    },
    "session": { /* Optional */
        "secret": null,
        "store": "memory", /* "memory" or "redis" */
        "redis": /* See connect-redis for options */
    },
    "ssl": { /* Optional */
        "cert": null,
        "key": null
    },
    "title": "My API", /* Page title for browsable API */
    "uid": N /* Optional, system account uid to drop to after starting with elevated privileges to run on a low port */
}

License

No vulnerabilities found.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

License

Determines if the project has defined a license.

0

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

0

SAST

Determines if the project uses static code analysis.

0

Maintained

Determines if the project is "actively maintained".

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Security-Policy

Determines if the project has published a security policy.

0

Fuzzing

Determines if the project uses fuzzing.

0

Branch-Protection

Determines if the default and release branches are protected with GitHub's branch protection settings.

0

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

Reason

79 existing vulnerabilities detected

Details

Warn: Project is vulnerable to: GHSA-v88g-cgmw-v5xw
Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw
Warn: Project is vulnerable to: GHSA-rvg8-pwq2-xj7q
Warn: Project is vulnerable to: GHSA-pp7h-53gx-mx7r
Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
Warn: Project is vulnerable to: GHSA-9vvw-cc9w-f27h
Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c
Warn: Project is vulnerable to: GHSA-hr2v-3952-633q
Warn: Project is vulnerable to: GHSA-h6ch-v84p-w6p9
Warn: Project is vulnerable to: GHSA-3w5v-p54c-f74x
Warn: Project is vulnerable to: GHSA-6x77-rpqf-j6mw
Warn: Project is vulnerable to: GHSA-hwcf-pp87-7x6p
Warn: Project is vulnerable to: GHSA-phwq-j96m-2c2q
Warn: Project is vulnerable to: GHSA-ghr5-ch3p-vcr6
Warn: Project is vulnerable to: GHSA-4gmj-3p3h-gm8h
Warn: Project is vulnerable to: GHSA-qrmc-fj45-qfc2
Warn: Project is vulnerable to: GHSA-957j-59c2-j692
Warn: Project is vulnerable to: GHSA-qh2h-chj9-jffq
Warn: Project is vulnerable to: GHSA-m5pj-vjjf-4m3h
Warn: Project is vulnerable to: GHSA-j383-35pm-c5h4
Warn: Project is vulnerable to: GHSA-rm36-94g8-835r
Warn: Project is vulnerable to: GHSA-jp4x-w63m-7wgm
Warn: Project is vulnerable to: GHSA-c429-5p7v-vgjp
Warn: Project is vulnerable to: GHSA-43f8-2h32-f4cj
Warn: Project is vulnerable to: GHSA-8g7p-74h8-hg48
Warn: Project is vulnerable to: GHSA-pc5p-h8pf-mvwp
Warn: Project is vulnerable to: GHSA-qqgx-2p2h-9c37
Warn: Project is vulnerable to: GHSA-4hpf-3wq7-5rpr
Warn: Project is vulnerable to: GHSA-f522-ffg8-j8r6
Warn: Project is vulnerable to: GHSA-2pr6-76vf-7546
Warn: Project is vulnerable to: GHSA-8j8c-7jfh-h6hx
Warn: Project is vulnerable to: GHSA-282f-qqgm-c34q
Warn: Project is vulnerable to: GHSA-8cf7-32gw-wr33
Warn: Project is vulnerable to: GHSA-hjrf-2m68-5959
Warn: Project is vulnerable to: GHSA-qwph-4952-7xr6
Warn: Project is vulnerable to: GHSA-jf85-cpcp-j695
Warn: Project is vulnerable to: GHSA-fvqr-27wr-82fm
Warn: Project is vulnerable to: GHSA-4xc9-xhrj-v574
Warn: Project is vulnerable to: GHSA-x5rq-j2xg-h7qm
Warn: Project is vulnerable to: GHSA-p6mc-m468-83gw
Warn: Project is vulnerable to: GHSA-29mw-wpgm-hmr9
Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
Warn: Project is vulnerable to: GHSA-vh95-rmgr-6w4m
Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h
Warn: Project is vulnerable to: GHSA-446m-mv8f-q348
Warn: Project is vulnerable to: GHSA-8hfj-j24r-96c4
Warn: Project is vulnerable to: GHSA-wc69-rhjr-hc9g
Warn: Project is vulnerable to: GHSA-w9mr-4mfr-499f
Warn: Project is vulnerable to: GHSA-92xj-mqp7-vmcj
Warn: Project is vulnerable to: GHSA-wxgw-qj99-44c2
Warn: Project is vulnerable to: GHSA-5rrq-pxf6-6jx5
Warn: Project is vulnerable to: GHSA-8fr3-hfg3-gpgp
Warn: Project is vulnerable to: GHSA-gf8q-jrpm-jvxq
Warn: Project is vulnerable to: GHSA-2r2c-g63r-vccr
Warn: Project is vulnerable to: GHSA-cfm4-qjh2-4765
Warn: Project is vulnerable to: GHSA-x4jg-mjrx-434g
Warn: Project is vulnerable to: GHSA-48ww-j4fc-435p
Warn: Project is vulnerable to: GHSA-hwqf-gcqm-7353
Warn: Project is vulnerable to: GHSA-9h6g-pr28-7cqp
Warn: Project is vulnerable to: GHSA-v923-w3x8-wh69
Warn: Project is vulnerable to: GHSA-f794-r6xc-hf3v
Warn: Project is vulnerable to: GHSA-5379-r78w-42h2
Warn: Project is vulnerable to: GHSA-m974-647v-whv7
Warn: Project is vulnerable to: GHSA-gqgv-6jq5-jjj9
Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp
Warn: Project is vulnerable to: GHSA-35q2-47q7-3pc3
Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
Warn: Project is vulnerable to: GHSA-4rq4-32rv-6wp6
Warn: Project is vulnerable to: GHSA-64g7-mvw6-v9qj
Warn: Project is vulnerable to: GHSA-7p7h-4mm5-852v
Warn: Project is vulnerable to: GHSA-v2p6-4mp7-3r9v
Warn: Project is vulnerable to: GHSA-g78m-2chm-r7qv
Warn: Project is vulnerable to: GHSA-c27r-x354-4m68
Warn: Project is vulnerable to: GHSA-776f-qx25-q3cc
Warn: Project is vulnerable to: GHSA-h6q6-9hqw-rwfv
Warn: Project is vulnerable to: GHSA-5fg8-2547-mr8q
Warn: Project is vulnerable to: GHSA-crh6-fp67-6883

Score

1.7

/10

Last Scanned on 2025-02-03

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More