Gathering detailed insights and metrics for node-opcua-crypto
Gathering detailed insights and metrics for node-opcua-crypto
Installations
npm install node-opcua-cryptoDeveloper
node-opcua
Developer Guide
BETA
Module System
CommonJS, ESM
Min. Node Version
Typescript Support
Yes
Node Version
20.15.0
NPM Version
lerna/8.1.8/node@v20.15.0+x64 (linux)
Statistics
5 Stars
348 Commits
10 Forks
4 Watching
22 Branches
6 Contributors
Updated on 13 Oct 2024
Languages
TypeScript (96.65%)
JavaScript (2.07%)
HTML (1.17%)
Makefile (0.11%)
Total Downloads
Cumulative downloads
Total Downloads
3,841,521
Last day
3.9%
5,206
Compared to previous day
Last week
12.4%
27,253
Compared to previous week
Last month
-15.3%
112,920
Compared to previous month
Last year
9.3%
1,311,301
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
9
Dev Dependencies
2
Versions
node-opcua-crypto
NodeOPCUA Crypto is a powerful JavaScript module for handling security and cryptography for OPCUA. It's written in TypeScript and runs smoothly on Node.js and in the browser.
Features
- a comprehensive set of cryptographic functionalities.
- supports both Node.js and browser environments.
- compatible with TypeScript for robust, type-safe coding.
- implements advanced security standards for OPCUA.
Getting Started
To use NodeOPCUA Crypto in your project, follow these steps:
Installation
1npm install nodeopcua-crypto
Usage
1 2import { generatePrivateKey, privateKeyToPEM, CertificatePurpose, createSelfSignedCertificate } from "./node-opcua-crypto.js"; 3 4async function demonstratePrivateKeyAndSelfSignedCertificateCreation() { 5 6 // create the Private Key 7 const privateKey = await generatePrivateKey(); 8 9 // convert the private key to a PEM format 10 const { privPem } = await privateKeyToPEM(privateKey); 11 12 console.log(privPem); 13 14 // create a self-sign certificate 15 const { cert } = await createSelfSignedCertificate({ 16 privateKey, 17 notAfter: new Date(2025, 1, 1), 18 notBefore: new Date(2019, 1, 1), 19 subject: "CN=Test", 20 dns: ["DNS1", "DNS2"], 21 ip: ["192.168.1.1"], 22 applicationUri: "urn:HOSTNAME:ServerDescription", 23 purpose: CertificatePurpose.ForApplication, 24 }); 25 console.log(cert); 26} 27demonstratePrivateKeyAndSelfSignedCertificateCreation(); 28 29
Please refer to the examples directory for more specific use cases and comprehensive samples.
Support
Sterfive provides this module free of charge, "as is," with the hope that it will be useful to you. However, any support requests, bug fixes, or enhancements are handled exclusively through our paid services. We believe strongly that independent open-source companies should be fairly compensated for their contributions to the community.
We highly recommend subscribing to our support program to ensure your requests are addressed and resolved. Please note that we only consider requests from members of our support program or sponsors.
Getting professional support
NodeOPCUA Crypto is developed and maintained by sterfive.com.
To get professional support, consider subscribing to the node-opcua membership community:
or contact sterfive for dedicated consulting and more advanced support.
Contributing
We appreciate contributions from the community. To contribute:
- Fork the repository.
- Create a new branch.
- Commit your changes.
- Submit a pull request.
- Sign the CLA (Contributor Licence Agreement) form
For more detailed instructions, refer to the CONTRIBUTING.md file.
License
NodeOPCUA Crypto is MIT licensed. See the LICENSE file for full license details.
Copyright © 2023-2024 Sterfive.com.
Disclaimer
NodeOPCUA Crypto is provided as-is, and while we strive to ensure its quality and security, Sterfive.com cannot be held liable for any damage caused directly or indirectly by the usage of this module.
Please report any issues or vulnerabilities you find via the issue tracker.
Thank you for considering NodeOPCUA Crypto for your OPCUA cryptography needs. We look forward to seeing what you build with i
Supporting the development effort - Sponsors & Backers
If you like node-opcua-crypto and if you are relying on it in one of your projects, please consider becoming a backer and sponsoring us, this will help us to maintain a high-quality stack and constant evolution of this module.
If your company would like to participate and influence the development of future versions of node-opcua and its components, please contact sterfive.
No vulnerabilities found.
Reason
17 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
2 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-7q7g-4xm8-89cq
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
Reason
Found 0/25 approved changesets -- score normalized to 0
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/main.yml:1
- Info: no jobLevel write permissions found
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/node-opcua/node-opcua-crypto/main.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/node-opcua/node-opcua-crypto/main.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/node-opcua/node-opcua-crypto/main.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/node-opcua/node-opcua-crypto/main.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/node-opcua/node-opcua-crypto/main.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/node-opcua/node-opcua-crypto/main.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/node-opcua/node-opcua-crypto/main.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:76: update your workflow using https://app.stepsecurity.io/secureworkflow/node-opcua/node-opcua-crypto/main.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:79: update your workflow using https://app.stepsecurity.io/secureworkflow/node-opcua/node-opcua-crypto/main.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:84: update your workflow using https://app.stepsecurity.io/secureworkflow/node-opcua/node-opcua-crypto/main.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:90: update your workflow using https://app.stepsecurity.io/secureworkflow/node-opcua/node-opcua-crypto/main.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:110: update your workflow using https://app.stepsecurity.io/secureworkflow/node-opcua/node-opcua-crypto/main.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:113: update your workflow using https://app.stepsecurity.io/secureworkflow/node-opcua/node-opcua-crypto/main.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:121: update your workflow using https://app.stepsecurity.io/secureworkflow/node-opcua/node-opcua-crypto/main.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:127: update your workflow using https://app.stepsecurity.io/secureworkflow/node-opcua/node-opcua-crypto/main.yml/master?enable=pin
- Warn: npmCommand not pinned by hash: .github/workflows/main.yml:32
- Warn: npmCommand not pinned by hash: .github/workflows/main.yml:56
- Info: 0 out of 15 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 2 npmCommand dependencies pinned
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 7 are checked with a SAST tool
Score
4.6
/10
Last Scanned on 2024-11-25
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More