Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
com.softwaremill.sttp.client3:async-http-client-backend-fs2_2.13
Advanced tools
async-http-client-backend-fs2
This is the stable version of sttp client (v3). For the upcoming version 4 (currently in development), see sttp 4 on GitHub and its documentation.
sttp client is an open-source library which provides a clean, programmer-friendly API to describe HTTP requests and how to handle responses. Requests are sent using one of the backends, which wrap other Scala or Java HTTP client implementations. The backends can integrate with a variety of Scala stacks, providing both synchronous and asynchronous, procedural and functional interfaces.
Backend implementations include ones based on akka-http, http4s, OkHttp, and HTTP clients which ship with Java. They integrate with Akka, Monix, fs2, cats-effect, scalaz and ZIO. Supported Scala versions include 2.11, 2.12, 2.13 and 3, Scala.JS and Scala Native.
Here's a quick example of sttp client in action:
import sttp.client3._
val sort: Option[String] = None
val query = "http language:scala"
// the `query` parameter is automatically url-encoded
// `sort` is removed, as the value is not defined
val request = basicRequest.get(uri"https://api.github.com/search/repositories?q=$query&sort=$sort")
val backend = HttpClientSyncBackend()
val response = request.send(backend)
// response.header(...): Option[String]
println(response.header("Content-Length"))
// response.body: by default read into an Either[String, String] to indicate failure or success
println(response.body)
sttp (v4) documentation is available at sttp.softwaremill.com/en/latest.
sttp (v3) documentation is available at sttp.softwaremill.com/en/stable.
sttp (v2) documentation is available at sttp.softwaremill.com/en/v2.
sttp (v1) documentation is available at sttp.softwaremill.com/en/v1.
scaladoc is available at https://www.javadoc.io
If you are an Ammonite user, you can quickly start experimenting with sttp by copy-pasting the following:
import $ivy.`com.softwaremill.sttp.client3::core:3.10.0`
import sttp.client3.quick._
quickRequest.get(uri"http://httpbin.org/ip").send(backend)
This brings in the sttp API and a synchronous backend instance.
Add the following dependency:
"com.softwaremill.sttp.client3" %% "core" % "3.10.0"
Then, import:
import sttp.client3._
Type basicRequest.
and see where your IDE’s auto-complete gets you!
sttp is a family of Scala HTTP-related projects, and currently includes:
If you have a question, suggestion, or hit a problem, feel free to ask on our discourse forum!
Or, if you encounter a bug, something is unclear in the code or documentation, don’t hesitate and open an issue on GitHub.
We are also always looking for contributions and new ideas, so if you’d like to get into the project, check out the open issues, or post your own suggestions!
Note that running the default test
task will run the tests using both the JVM and JS backends, and is likely to run out of memory.
If you'd like to run the tests using only the JVM backend, execute: sbt rootJVM/test
.
By default, when importing to IntelliJ, only the Scala 2.13/JVM subprojects will be imported. This is controlled by the ideSkipProject
setting in build.sbt
(inside commonSettings
).
If you'd like to work on a different platform or Scala version, simply change this setting temporarily so that the correct subprojects are imported. For example:
// import only Scala 2.13, JS projects
ideSkipProject := (scalaVersion.value != scala2_13) || !thisProjectRef.value.project.contains("JS")
// import only Scala 3, JVM projects
ideSkipProject := (scalaVersion.value != scala3) || thisProjectRef.value.project.contains("JS") || thisProjectRef.value.project.contains("Native"),
// import only Scala 2.13, Native projects
ideSkipProject := (scalaVersion.value != scala2_13) || !thisProjectRef.value.project.contains("Native")
The documentation is typechecked using mdoc. The sources for the documentation exist in docs
. Don't modify the generated documentation in generated-docs
, as these files will get overwritten!
When generating documentation, it's best to set the version to the current one, so that the generated doc files don't include modifications with the current snapshot version.
That is, in sbt run: set version := "3.10.0"
, before running mdoc
in docs
.
In order to run tests against JS backend you will need to install Google Chrome.
By default, sttp-native will not be included in the aggregate build of the root project. To include it, define the STTP_NATIVE
environmental variable before running sbt, e.g.:
STTP_NATIVE=1 sbt
You might need to install some additional libraries, see the scala native documentation site. On macos, you might additionally need:
ln -s /usr/local/opt/openssl/lib/libcrypto.dylib /usr/local/lib/
ln -s /usr/local/opt/openssl/lib/libssl.dylib /usr/local/lib/
We offer commercial support for sttp and related technologies, as well as development services. Contact us to learn more about our offer!
Copyright (C) 2017-2022 SoftwareMill https://softwaremill.com.
FAQs
async-http-client-backend-fs2
We found that com.softwaremill.sttp.client3:async-http-client-backend-fs2_2.13 demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.