📦 hawk

HTTP Hawk Authentication Scheme

Author

mozilla

License

BSD-3-Clause

Unpacked Size

38.13 KB

Packed Size

9.11 KB

Last Activity

over 1 year ago

Wkly Downloads

322K

Unpacked Size

38.13 KB

Packed Size

9.11 KB

License

BSD-3-Clause

Author

mozilla

Last Activity

over 1 year ago

Dependencies Overview

Dependencies (4)

@hapi/b64 5.x.x @hapi/boom 9.x.x @hapi/cryptiles 5.x.x @hapi/hoek 9.x.x

Peer Dependencies (0)

There are not dependencies

Dev Dependencies (2)

@hapi/code 8.x.x @hapi/lab 22.x.x

Versions Overview

Last Version

9.0.2

Last Version Released

over 1 year ago

N. of Versions

Repository Overview

Default Branch

main

Is Archived?

YES

Is Disabled?

Is Fork?

Is Locked?

Security Policy Enabled?

YES

Latest Commits

Last 10 commits in the repository

Update history for current status (#296) * Update README.md

Hal Wine

over 1 year ago

9.0.2

Yarik

over 1 year ago

Merge pull request #294 from mozilla/revert-290-sec-fix-payload-verification Revert "Security fix"

Yarik

over 1 year ago

Revert "Security fix"

Yarik

over 1 year ago

Merge pull request #292 from mozilla/chore/codeql-v2 Migrate CodeQL to V2

Yarik

about 2 years ago

Migrate CodeQL to V2 V1 was deprecated: https://github.blog/changelog/2023-01-18-code-scanning-codeql-action-v1-is-now-deprecated/

Yarik

about 2 years ago

Merge pull request #290 from chrisdlangton/sec-fix-payload-verification Security fix

Yarik

about 2 years ago

Apply suggestions from code review

Yarik

about 2 years ago

Merge pull request #291 from thusoy/mac-before-expiry Validate bewit MAC before expiry

Yarik

over 2 years ago

Validate MAC before expiry Checking expiry before validating the MAC means that we are passing untrusted values into parseInt, which might have unintended consequences (also consider other languages that copy the algorithm here since this is the reference implementation). This is only done in the wrong order for bewit validation, regular header auth already checks the MAC first. Had to update the other expiry test since it apparently didn't have a valid MAC.

Tarjei Husøy

over 2 years ago

Top Contributors

The top contributors considering the last 100 commits & PRs

hueniverse

djmitche

lotas

nwhitmont

jarrodyellets

Open PRs (0)

Currently active PR in the repository

There are not PRs to display

Open Issues (0)

Currently active PR in the repository

There are not issues to display

Open Discussions (0)

Currently open discussions in the repository

There are not discussions to display

This site is an independent open-source project and is not affiliated with, endorsed by, or sponsored by npm, Inc. or GitHub, Inc. The name “npm” is a registered trademark of npm, Inc., used here solely to describe compatibility and reference publicly available npm package data.

📦 hawk

HTTP Hawk Authentication Scheme

Author

mozilla

License

BSD-3-Clause

Unpacked Size

38.13 KB

Packed Size

9.11 KB

Last Activity

over 1 year ago

Wkly Downloads

322K

Unpacked Size

38.13 KB

Packed Size

9.11 KB

License

BSD-3-Clause

Author

mozilla

Last Activity

over 1 year ago

Dependencies Overview

Dependencies (4)

@hapi/b64 5.x.x @hapi/boom 9.x.x @hapi/cryptiles 5.x.x @hapi/hoek 9.x.x

Peer Dependencies (0)

There are not dependencies

Dev Dependencies (2)

@hapi/code 8.x.x @hapi/lab 22.x.x

Versions Overview

Last Version

9.0.2

Last Version Released

over 1 year ago

N. of Versions

Security Overview

Vulnerabilities

Last Version with Vulnerabilities

9.0.0

Vulnerabilities Tracker

Historycal data about package vulnerabilities across all the stable versions

Vulnerabilites Summary

The npm package `hawk` has a security vulnerability count of 1 for most versions. Versions 9.0.1 and 9.0.2 have a vulnerability count of 0.

Complete Security Overview

Popularity Overview

GH Stars

1.9K

GH Forks

166

GH Watchers

Downloads History

Historycal data about package downloads in the last 18 months

Repository Overview

Default Branch

main

Is Archived?

YES

Is Disabled?

Is Fork?

Is Locked?

Security Policy Enabled?

YES

Latest Commits

Last 10 commits in the repository

Update history for current status (#296) * Update README.md

Hal Wine

over 1 year ago

9.0.2

Yarik

over 1 year ago

Merge pull request #294 from mozilla/revert-290-sec-fix-payload-verification Revert "Security fix"

Yarik

over 1 year ago

Revert "Security fix"

Yarik

over 1 year ago

Merge pull request #292 from mozilla/chore/codeql-v2 Migrate CodeQL to V2

Yarik

about 2 years ago

Migrate CodeQL to V2 V1 was deprecated: https://github.blog/changelog/2023-01-18-code-scanning-codeql-action-v1-is-now-deprecated/

Yarik

about 2 years ago

Merge pull request #290 from chrisdlangton/sec-fix-payload-verification Security fix

Yarik

about 2 years ago

Apply suggestions from code review

Yarik

about 2 years ago

Merge pull request #291 from thusoy/mac-before-expiry Validate bewit MAC before expiry

Yarik

over 2 years ago

Tarjei Husøy

over 2 years ago

Top Contributors

The top contributors considering the last 100 commits & PRs

hueniverse

djmitche

lotas

nwhitmont

jarrodyellets

Open PRs (0)

Currently active PR in the repository

There are not PRs to display

Open Issues (0)

Currently active PR in the repository

There are not issues to display

Open Discussions (0)

Currently open discussions in the repository

There are not discussions to display

Package Summary

Hawk is an HTTP authentication scheme providing security via cryptographic hash message authentication code (HMAC) verification. It allows servers to delegate authorization to clients, ensuring request integrity and origin authenticity. Key features include timestamp-based replay protection and customizable payloads. Useful for securing APIs and ensuring only authorized clients can access restricted resources. Hawk is lightweight, developer-friendly, and widely used in Node.js environments for robust authentication.

📦 hawk

Dependencies Overview

Dependencies (4)

Peer Dependencies (0)

Dev Dependencies (2)

Versions Overview

Repository Overview

Latest Commits

Top Contributors

Open PRs (0)

Open Issues (0)

Open Discussions (0)

📦 hawk

Dependencies Overview

Dependencies (4)

Peer Dependencies (0)

Dev Dependencies (2)

Versions Overview

Security Overview

Vulnerabilities Tracker

Vulnerabilites Summary

Popularity Overview

Downloads History

Repository Overview

Latest Commits

Top Contributors

Open PRs (0)

Open Issues (0)

Open Discussions (0)

Package Summary

Release Frequency

Popularity Overview

Downloads History

Security Overview

Vulnerabilities Tracker

Vulnerabilites Summary