🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more
Socket
DemoInstallSign in
Socket
DemoInstallSign in

@gitpod/sdk

Package Overview
Dependencies
Maintainers
0
Versions
8
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@gitpod/sdk

The official TypeScript library for the Gitpod API

0.5.0
latest
Source
npm
Version published
Weekly downloads
13
-62.86%
Maintainers
0
Weekly downloads
 
Created
Source

Gitpod TypeScript API Library

NPM version npm bundle size

This library provides convenient access to the Gitpod REST API from server-side TypeScript or JavaScript.

The REST API documentation can be found on docs.gitpod.io. The full API of this library can be found in api.md.

It is generated with Stainless.

Installation

npm install @gitpod/sdk

Usage

The full API of this library can be found in api.md.

import Gitpod from '@gitpod/sdk';

const client = new Gitpod({
  bearerToken: process.env['GITPOD_API_KEY'], // This is the default and can be omitted
});

async function main() {
  const response = await client.identity.getAuthenticatedIdentity();

  console.log(response.organizationId);
}

main();

Request & Response types

This library includes TypeScript definitions for all request params and response fields. You may import and use them like so:

import Gitpod from '@gitpod/sdk';

const client = new Gitpod({
  bearerToken: process.env['GITPOD_API_KEY'], // This is the default and can be omitted
});

async function main() {
  const response: Gitpod.IdentityGetAuthenticatedIdentityResponse =
    await client.identity.getAuthenticatedIdentity();
}

main();

Documentation for each method, request param, and response field are available in docstrings and will appear on hover in most modern editors.

Handling errors

When the library is unable to connect to the API, or if the API returns a non-success status code (i.e., 4xx or 5xx response), a subclass of APIError will be thrown:

async function main() {
  const response = await client.identity.getAuthenticatedIdentity().catch(async (err) => {
    if (err instanceof Gitpod.APIError) {
      console.log(err.status); // 400
      console.log(err.name); // BadRequestError
      console.log(err.headers); // {server: 'nginx', ...}
    } else {
      throw err;
    }
  });
}

main();

Error codes are as followed:

Status CodeError Type
400BadRequestError
401AuthenticationError
403PermissionDeniedError
404NotFoundError
422UnprocessableEntityError
429RateLimitError
>=500InternalServerError
N/AAPIConnectionError

Retries

Certain errors will be automatically retried 2 times by default, with a short exponential backoff. Connection errors (for example, due to a network connectivity problem), 408 Request Timeout, 409 Conflict, 429 Rate Limit, and >=500 Internal errors will all be retried by default.

You can use the maxRetries option to configure or disable this:

// Configure the default for all requests:
const client = new Gitpod({
  maxRetries: 0, // default is 2
});

// Or, configure per-request:
await client.identity.getAuthenticatedIdentity({
  maxRetries: 5,
});

Timeouts

Requests time out after 1 minute by default. You can configure this with a timeout option:

// Configure the default for all requests:
const client = new Gitpod({
  timeout: 20 * 1000, // 20 seconds (default is 1 minute)
});

// Override per-request:
await client.identity.getAuthenticatedIdentity({
  timeout: 5 * 1000,
});

On timeout, an APIConnectionTimeoutError is thrown.

Note that requests which time out will be retried twice by default.

Auto-pagination

List methods in the Gitpod API are paginated. You can use the for await … of syntax to iterate through items across all pages:

async function fetchAllEnvironments(params) {
  const allEnvironments = [];
  // Automatically fetches more pages as needed.
  for await (const environment of client.environments.list()) {
    allEnvironments.push(environment);
  }
  return allEnvironments;
}

Alternatively, you can request a single page at a time:

let page = await client.environments.list();
for (const environment of page.environments) {
  console.log(environment);
}

// Convenience methods are provided for manually paginating:
while (page.hasNextPage()) {
  page = await page.getNextPage();
  // ...
}

Advanced Usage

Accessing raw Response data (e.g., headers)

The "raw" Response returned by fetch() can be accessed through the .asResponse() method on the APIPromise type that all methods return.

You can also use the .withResponse() method to get the raw Response along with the parsed data.

const client = new Gitpod();

const response = await client.identity.getAuthenticatedIdentity().asResponse();
console.log(response.headers.get('X-My-Header'));
console.log(response.statusText); // access the underlying Response object

const { data: response, response: raw } = await client.identity.getAuthenticatedIdentity().withResponse();
console.log(raw.headers.get('X-My-Header'));
console.log(response.organizationId);

Logging

[!IMPORTANT] All log messages are intended for debugging only. The format and content of log messages may change between releases.

Log levels

The log level can be configured in two ways:

  • Via the GITPOD_LOG environment variable
  • Using the logLevel client option (overrides the environment variable if set)
import Gitpod from '@gitpod/sdk';

const client = new Gitpod({
  logLevel: 'debug', // Show all log messages
});

Available log levels, from most to least verbose:

  • 'debug' - Show debug messages, info, warnings, and errors
  • 'info' - Show info messages, warnings, and errors
  • 'warn' - Show warnings and errors (default)
  • 'error' - Show only errors
  • 'off' - Disable all logging

At the 'debug' level, all HTTP requests and responses are logged, including headers and bodies. Some authentication-related headers are redacted, but sensitive data in request and response bodies may still be visible.

Custom logger

By default, this library logs to globalThis.console. You can also provide a custom logger. Most logging libraries are supported, including pino, winston, bunyan, consola, signale, and @std/log. If your logger doesn't work, please open an issue.

When providing a custom logger, the logLevel option still controls which messages are emitted, messages below the configured level will not be sent to your logger.

import Gitpod from '@gitpod/sdk';
import pino from 'pino';

const logger = pino();

const client = new Gitpod({
  logger: logger.child({ name: 'Gitpod' }),
  logLevel: 'debug', // Send all messages to pino, allowing it to filter
});

Making custom/undocumented requests

This library is typed for convenient access to the documented API. If you need to access undocumented endpoints, params, or response properties, the library can still be used.

Undocumented endpoints

To make requests to undocumented endpoints, you can use client.get, client.post, and other HTTP verbs. Options on the client, such as retries, will be respected when making these requests.

await client.post('/some/path', {
  body: { some_prop: 'foo' },
  query: { some_query_arg: 'bar' },
});

Undocumented request params

To make requests using undocumented parameters, you may use // @ts-expect-error on the undocumented parameter. This library doesn't validate at runtime that the request matches the type, so any extra values you send will be sent as-is.

client.foo.create({
  foo: 'my_param',
  bar: 12,
  // @ts-expect-error baz is not yet public
  baz: 'undocumented option',
});

For requests with the GET verb, any extra params will be in the query, all other requests will send the extra param in the body.

If you want to explicitly send an extra argument, you can do so with the query, body, and headers request options.

Undocumented response properties

To access undocumented response properties, you may access the response object with // @ts-expect-error on the response object, or cast the response object to the requisite type. Like the request params, we do not validate or strip extra properties from the response from the API.

Customizing the fetch client

By default, this library expects a global fetch function is defined.

If you want to use a different fetch function, you can either polyfill the global:

import fetch from 'my-fetch';

globalThis.fetch = fetch;

Or pass it to the client:

import Gitpod from '@gitpod/sdk';
import fetch from 'my-fetch';

const client = new Gitpod({ fetch });

Fetch options

If you want to set custom fetch options without overriding the fetch function, you can provide a fetchOptions object when instantiating the client or making a request. (Request-specific options override client options.)

import Gitpod from '@gitpod/sdk';

const client = new Gitpod({
  fetchOptions: {
    // `RequestInit` options
  },
});

Configuring proxies

To modify proxy behavior, you can provide custom fetchOptions that add runtime-specific proxy options to requests:

Node [docs]

import Gitpod from '@gitpod/sdk';
import * as undici from 'undici';

const proxyAgent = new undici.ProxyAgent('http://localhost:8888');
const client = new Gitpod({
  fetchOptions: {
    dispatcher: proxyAgent,
  },
});

Bun [docs]

import Gitpod from '@gitpod/sdk';

const client = new Gitpod({
  fetchOptions: {
    proxy: 'http://localhost:8888',
  },
});

Deno [docs]

import Gitpod from 'npm:@gitpod/sdk';

const httpClient = Deno.createHttpClient({ proxy: { url: 'http://localhost:8888' } });
const client = new Gitpod({
  fetchOptions: {
    client: httpClient,
  },
});

Frequently Asked Questions

Semantic versioning

This package generally follows SemVer conventions, though certain backwards-incompatible changes may be released as minor versions:

  • Changes that only affect static types, without breaking runtime behavior.
  • Changes to library internals which are technically public but not intended or documented for external use. (Please open a GitHub issue to let us know if you are relying on such internals.)
  • Changes that we do not expect to impact the vast majority of users in practice.

We take backwards-compatibility seriously and work hard to ensure you can rely on a smooth upgrade experience.

We are keen for your feedback; please open an issue with questions, bugs, or suggestions.

Requirements

TypeScript >= 4.9 is supported.

The following runtimes are supported:

  • Web browsers (Up-to-date Chrome, Firefox, Safari, Edge, and more)
  • Node.js 18 LTS or later (non-EOL) versions.
  • Deno v1.28.0 or higher.
  • Bun 1.0 or later.
  • Cloudflare Workers.
  • Vercel Edge Runtime.
  • Jest 28 or greater with the "node" environment ("jsdom" is not supported at this time).
  • Nitro v2.6 or greater.

Note that React Native is not supported at this time.

If you are interested in other runtime environments, please open or upvote an issue on GitHub.

Contributing

See the contributing documentation.

FAQs

Package last updated on 21 Feb 2025

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

60 Malicious npm Packages Leak Network and Host Data in Active Malware Campaign

Research

Security News

60 Malicious npm Packages Leak Network and Host Data in Active Malware Campaign

Socket’s Threat Research Team has uncovered 60 npm packages using post-install scripts to silently exfiltrate hostnames, IP addresses, DNS servers, and user directories to a Discord-controlled endpoint.

By Kirill Boychenko  -  May 23, 2025