New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

@autosec/fetchhole

Package Overview
Dependencies
Maintainers
1
Versions
19
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@autosec/fetchhole

Boost your FaaS development with `@autosec/fetchhole`, a secure, drop-in replacement for the native `fetch()` function, designed for security-focused web developers.

  • 0.1.1-nightly.0
  • latest
  • Source
  • npm
  • Socket score
Version published
Weekly downloads
1
Maintainers
1
Weekly downloads
 
Created
Source

License TypeScript npm npm OpenSSF Scorecard Socket Badge

FetchHole

Elevate your Function as a Service (FaaS) development with enhanced security at the edge using @autosec/fetchhole. This package acts as a sophisticated drop-in replacement for the native fetch() function, tailored for developers who emphasize security in their web applications.

Features

  • Drop-in Replacement: Seamlessly integrates with existing code, replacing the native fetch() function.
  • Advanced Logging: Comprehensive logging capabilities for effective debugging.
  • Redirect Intercept: Customize redirect limits with a default of 20, as per the WHATWG Fetch specification.
  • Header Computation: Automatically computes and adds missing Content-Length and ETag headers. Choose your preferred ETag hash algorithm, with sha256 as the default.
  • Cache Support: Utilizes memory or disk caching via the Cache Web API. Compatible with Cloudflare's cache API for Cloudflare users.
  • Intercept for Alternate Routing: Ideal for scenarios like Cloudflare Workers Binding, allowing for alternate request routing.
  • Custom DNS Resolver Support: Designed for DNS level security applications like Zero Trust services. Compatible with any DoH resolver that uses 0.0.0.0 for blocking.
    • Direct IP Address Handling: Offers three modes for handling direct IP address access:
      • Full Block
      • Fail if No PTR Record (conducts a PTR record check, followed by a standard DNS check)
      • Allow

Installation

npm install @autosec/fetchhole

Usage

Simply import fetchhole and use it as a replacement for the native fetch() function.

import fetch from '@autosec/fetchhole';

// Use fetch as you normally would
fetch('https://example.com').then((response) => {
	// Your code here
});

Configuration

You can customize fetchhole with various options to suit your needs. Settings can be applied at the class instance level or as an fetch init property:

{
	cache: {
		type: CacheType.Default, // Defines cache type
		hashAlgorithm: 'sha256', // Choose a different ETag hash algorithm
		ignoreMethod: false,
		ignoreSearch: false,
		ignoreVary: false,
	},
	hardFail: true, // Determines failure handling
	logLevel: LoggingLevel.INFO, // Sets the level of logging
	redirectCount: 20, // Set custom redirect limit
}

FAQs

Package last updated on 15 Dec 2023

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Michigan TypeScript Founder Successfully Runs Doom Inside TypeScript's Type System

Security News

Michigan TypeScript Founder Successfully Runs Doom Inside TypeScript's Type System

Michigan TypeScript founder Dimitri Mitropoulos implements WebAssembly runtime in TypeScript types, enabling Doom to run after processing 177 terabytes of type definitions.

By Sarah Gooding  -  Feb 28, 2025
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc