0.43.2 • Published 5 months ago

@sectester/core v0.43.2

Weekly downloads
-
License
MIT
Repository
github
Last release
5 months ago

@sectester/core

Maintainability Test Coverage Build Status NPM Downloads

The core package can be used to obtain a config including credentials from different sources, and provide a simplified abstraction to handle events and commands.

Setup

npm i -s @sectester/core

Usage

Configuration

First, you need to generate a new instance of Configuration.

import { Configuration } from '@sectester/core';

const config = new Configuration({
  hostname: 'app.brightsec.com',
  projectId: 'your project ID',
  credentials: {
    token: 'your API key'
  }
});

After that, you can resolve the configuration using the IoC container.

const config = config.container.resolve(Configuration);

Options

Configuration can be customized using the following options:

export interface ConfigurationOptions {
  hostname?: string;
  projectId?: string;
  credentials?: Credentials;
  logLevel?: LogLevel;
  credentialProviders?: CredentialProvider[];
}

The default configuration is as follows:

{
  logLevel: LogLevel.ERROR,
  credentialProviders: [new EnvCredentialProvider()];
}

hostname

  • type: string

Set the hostname (domain name) used to establish a connection.

import { Configuration } from '@sectester/core';

const config = new Configuration({
  hostname: 'app.brightsec.com'
});

!NOTE If you omit the hostname parameter, 'app.brightsec.com' will be used by default.

projectId

  • type: string

Set the ID of the project you want to work with.

import { Configuration } from '@sectester/core';

const config = new Configuration({
  // ...
  projectId: 'your project ID'
});

!TIP The project ID can be found in the URL of the project page. For example, in the URL https://app.brightsec.com/projects/1234, the project ID is 1234. We recommend using the dedicated project ID for each application.

!WARNING If you omit the projectId parameter, we will use the default project ID. This is not recommended especially if you have multiple projects.

logLevel

  • type: LogLevel

Set the maximum log level to report.

import { Configuration, LogLevel } from '@sectester/core';

const config = new Configuration({
  // ...
  logLevel: LogLevel.ERROR
});

credentials

  • type: Credentials

Set credentials for accessing the application.

import { Configuration } from '@sectester/core';

const config = new Configuration({
  // ...
  credentials: {
    token: 'your API key'
  }
});

More info about setting up an API key

credentialProviders

  • type: CredentialProvider[]

Allows you to provide credentials that are loaded at runtime. The configuration will invoke one provider at a time and only continue to the next if no credentials have been located. For example, if the process finds values defined via the BRIGHT_TOKEN environment variables, the file at .sectesterrc will not be read.

EnvCredentialProvider

Use this provider to read credentials from the following environment variable: BRIGHT_TOKEN

If the BRIGHT_TOKEN environment variable is not set or contains a falsy value, it will return undefined.

import { Configuration, EnvCredentialProvider } from '@sectester/core';

const credentialsProvider = new EnvCredentialProvider();
const config = new Configuration({
  // ...
  credentialProviders: [credentialsProvider]
});

ApiClient

The ApiClient interface and its implementation FetchApiClient provide a robust way to handle HTTP requests with built-in retry logic, rate limiting, and error handling.

import { FetchApiClient } from '@sectester/core';

const client = new FetchApiClient({
  baseUrl: 'https://app.brightsec.com',
  apiKey: 'your-api-key',
  timeout: 5000 // optional, defaults to 5000ms
});

// Make a request
const response = await client.request('/api/v1/scans');

The FetchApiClient includes the following features:

  • Automatic retry for idempotent requests (GET, HEAD, PUT, DELETE, OPTIONS, TRACE)
  • Rate limiting handling with automatic retry based on 'Retry-After' header
  • Configurable timeout
  • API key authentication
  • Automatic handling of redirects (status 409)
  • JSON content type by default

The client can be configured using the following options:

OptionTypeDefaultDescription
baseUrlstring-Base URL for all API requests
apiKeystring-API key for authentication
apiKeyPrefixstring'Api-Key'Prefix used in the Authorization header
timeoutnumber5000Request timeout in milliseconds
userAgentstringsectester-js/User agent string
retryRetryOptionsSee FetchApiClient.tsRetry options for the client

License

Copyright © 2025 Bright Security.

This project is licensed under the MIT License - see the LICENSE file for details.

securitytestinge2etesttypescriptappsecpentestingqabrightsec
chalkreflect-metadatatslibtsyringeundici-types
@infinitebrahmanuniverse/nolb-_sec@everything-registry/sub-chunk-816
0.41.1

7 months ago

0.41.0

7 months ago

0.38.0

8 months ago

0.36.2

9 months ago

0.36.1

9 months ago

0.36.0

9 months ago

0.34.0

10 months ago

0.40.2

7 months ago

0.40.0

8 months ago

0.40.1

8 months ago

0.39.0

8 months ago

0.37.2

8 months ago

0.37.1

8 months ago

0.35.3

9 months ago

0.37.0

9 months ago

0.35.2

9 months ago

0.35.1

9 months ago

0.35.0

10 months ago

0.43.1

5 months ago

0.43.2

5 months ago

0.33.3

1 year ago

0.33.1

1 year ago

0.33.0

1 year ago

0.32.0

1 year ago

0.31.0

1 year ago

0.30.0

1 year ago

0.29.0

1 year ago

0.28.0

1 year ago

0.29.1

1 year ago

0.27.0

2 years ago

0.26.0

2 years ago

0.25.0

2 years ago

0.24.1

2 years ago

0.24.0

2 years ago

0.23.2

2 years ago

0.21.0

2 years ago

0.20.1

2 years ago

0.20.0

2 years ago

0.19.0

2 years ago

0.18.1

3 years ago

0.19.1

2 years ago

0.19.2

2 years ago

0.19.3

2 years ago

0.23.1

2 years ago

0.23.0

2 years ago

0.22.0

2 years ago

0.20.2

2 years ago

0.18.0

3 years ago

0.17.0

3 years ago

0.16.4

3 years ago

0.16.5

3 years ago

0.16.3

3 years ago

0.16.2

3 years ago

0.16.1

3 years ago