feat(adapter): Adding Azure CosmosDb Adapter for CosmosDb support

[rubenmamo]

☕️ Reasoning

• Adding support for storing authentication data in Azure CosmosDb.
• Tests are executed for each different partition key strategy

🧢 Checklist

• Documentation
• Tests
• Ready to be merged

🎫 Affected issues

📌 Resources

• Security guidelines
• Contributing guidelines
• Code of conduct
• Contributing to Open Source

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
auth-docs	✅ Ready (Inspect)	Visit Preview	💬 Add feedback	Aug 5, 2024 9:38am

1 Skipped Deployment

Name	Status	Preview	Comments	Updated (UTC)
next-auth-docs	⬜️ Ignored (Inspect)	Visit Preview		Aug 5, 2024 9:38am

[vercel]

@rubenmamo is attempting to deploy a commit to the authjs Team on Vercel.

A member of the Team first needs to authorize it.

[rubenmamo]

I have kept the same single file approach as for the Prisma and Azure Table Storage adapters. I'm happy to refactor and split in different files if you prefer such a change for better readability.

[socket-security]

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Alert	Package	Note	CI
Telemetry	npm/[email protected]	Note: Can be disabled by setting the environment variable NEXT_TELEMETRY_DISABLED=1 . See https://nextjs.org/telemetry for more information	🚫
AI detected potential malware	npm/[email protected]	Notes: The primary concern in the code is the use of vm.runInNewContext to execute file content, which can lead to arbitrary code execution if the file content is not trusted. This warrants a higher risk score. However, there is no evidence of malware or obfuscation in the code. Confidence: 0.60 Severity: 0.90	🚫

View full report↗︎

Next steps

What is telemetry?

This package contains telemetry which tracks how it is used.

Most telemetry comes with settings to disable it. Consider disabling telemetry if you do not want to be tracked.

What is AI detected malware?

AI has identified this package as malware. This is a strong signal that the package may be malicious.

Given the AI system's identification of this package as malware, extreme caution is advised. It is recommended to avoid downloading or installing this package until the threat is confirmed or flagged as a false positive.

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/[email protected] or ignore all packages with @SocketSecurity ignore-all

• @SocketSecurity ignore npm/[email protected]

[socket-security]

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/@types/[email protected]	None	0	6.99 kB	types
npm/@types/[email protected]	None	0	6.67 kB	types
npm/@typescript-eslint/[email protected]	None	0	17.8 kB	bradzacher, jameshenry
npm/[email protected]	environment, filesystem	0	24.9 kB	motdotla
npm/[email protected]	environment, filesystem, network, shell	0	505 kB	andris

View full report↗︎