1.1.4 • Published 2 years ago

@neo4j/code-signer v1.1.4

Weekly downloads
68
License
Apache-2.0
Repository
-
Last release
2 years ago

Code Signer

A CLI tool for signing code used by Neo4j Graph platform. Creates a signature.pem file in the signed folder. If verifies signatures locally and against Neo4j:s CRL server for revoked certificates when online.

Usage

Sign my-graph-app directory:

npx @neo4j/code-signer --app ./my-graph-app-folder \
  --private-key ./private-key.pem \
  --cert ./certificate.pem \
  --passphrase your-private-key-passphrase

Verify my-graph-app:

npx @neo4j/code-signer --verify \
  --app ./my-graph-app-folder \
  --root-cert ./rootCA.pem

You can also pass the --skip-revocation-check flag to skip the certificate revocation check against Neo4j:s CRL server.

Common usage pattern

These steps are usually what's needed to sign a node application.

# build your app
npm run build

# pack you app
npm pack

# unpack your app
tar xvzf *.tgz

# sign unpacked app folder
npx @neo4j/code-signer --app ./package \
  --private-key ../private-key.pem \
  --cert ../certificate.pem \
  --passphrase your-private-key-passphrase

# pack app again, from inside package/ folder. Important!
cd package
npm pack

# publish, still inside package/ folder
npm publish *.tgz

Development

  • Build: npm build
  • Test: npm test
  • Package: npm pack
@types/minimist@types/node-forgedebuggraceful-fsminimatchminimistnode-fetchnode-forgep-limit
@infinitebrahmanuniverse/nolb-_neo@everything-registry/sub-chunk-639@zalastax/nolb-_neo@relate/common
1.1.4

2 years ago

1.1.3

4 years ago

1.1.2

4 years ago

1.1.1

4 years ago

1.1.0

4 years ago

1.0.6

5 years ago

1.0.5

5 years ago

1.0.4

5 years ago

1.0.3

5 years ago

0.9.2

5 years ago

0.9.1

5 years ago

0.8.1

5 years ago

0.8.0

5 years ago