Security News
Input Validation Vulnerabilities Dominate MITRE's 2024 CWE Top 25 List
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
@nestjs/common
Advanced tools
The @nestjs/common package is a core part of the NestJS framework, which is a framework for building efficient, reliable and scalable server-side applications. This package provides a wide range of basic functionalities necessary for any NestJS application, including decorators, modules, middleware, filters, pipes, guards, and utilities for handling HTTP requests and responses.
Decorators
Decorators are used to annotate classes and their members to define their roles within the application. For example, `@Injectable()` marks a class as a service that can be injected, and `@Controller()` defines a class as a controller with a specific route.
@Injectable()
class MyService {}
@Controller('my-route')
class MyController {
constructor(private myService: MyService) {}
}
Modules
Modules are used to organize components by encapsulating them within bounded contexts. This code sample demonstrates how to define a module that includes controllers and providers.
@Module({
imports: [],
controllers: [MyController],
providers: [MyService],
})
class MyModule {}
Middleware
Middleware are functions that execute during the request-response cycle. They can perform tasks like logging, request validation, etc. This code sample shows a basic middleware that logs a message on each request.
@Injectable()
class MyMiddleware implements NestMiddleware {
use(req: Request, res: Response, next: NextFunction) {
console.log('Request...');
next();
}
}
Exception Filters
Exception filters handle exceptions that occur during the processing of a request. This code sample demonstrates a filter that catches HTTP exceptions and formats the response.
@Catch(HttpException)
class HttpExceptionFilter implements ExceptionFilter {
catch(exception: HttpException, host: ArgumentsHost) {
const ctx = host.switchToHttp();
const response = ctx.getResponse<Response>();
const status = exception.getStatus();
response
.status(status)
.json({
statusCode: status,
timestamp: new Date().toISOString(),
path: ctx.getRequest<Request>().url,
});
}
}
Express is a minimal and flexible Node.js web application framework that provides a robust set of features for web and mobile applications. While it serves a similar purpose in building server-side applications, it is less opinionated than NestJS and does not provide the same level of structure and abstraction out of the box.
Koa is a new web framework designed by the team behind Express, aiming to be a smaller, more expressive, and more robust foundation for web applications and APIs. Koa uses async functions, which allows for a simpler and more powerful way to handle asynchronous operations compared to Express. However, like Express, it is less opinionated than NestJS.
Hapi is a rich framework for building applications and services, allowing developers to focus on writing reusable application logic instead of spending time building infrastructure. It is designed to be more configurable and extensible than Express, offering a more comprehensive set of features out of the box. However, it still lacks the full-fledged module system and decorators provided by NestJS.
A progressive Node.js framework for building efficient and scalable server-side applications.
Nest is a framework for building efficient, scalable Node.js server-side applications. It uses modern JavaScript, is built with TypeScript (preserves compatibility with pure JavaScript) and combines elements of OOP (Object Oriented Programming), FP (Functional Programming), and FRP (Functional Reactive Programming).
Under the hood, Nest makes use of Express, but also provides compatibility with a wide range of other libraries, like Fastify, allowing for easy use of the myriad of third-party plugins which are available.
In recent years, thanks to Node.js, JavaScript has become the “lingua franca” of the web for both front and backend applications, giving rise to awesome projects like Angular, React, and Vue, which improve developer productivity and enable the construction of fast, testable, and extensible frontend applications. However, on the server-side, while there are a lot of superb libraries, helpers, and tools for Node, none of them effectively solve the main problem - the architecture.
Nest aims to provide an application architecture out of the box which allows for effortless creation of highly testable, scalable, and loosely coupled and easily maintainable applications. The architecture is heavily inspired by Angular.
For questions and support please use the official Discord channel. The issue list of this repo is exclusively for bug reports and feature requests.
Please make sure to read the Issue Reporting Checklist before opening an issue. Issues not conforming to the guidelines may be closed immediately.
With official support, you can get expert help straight from Nest core team. We provide dedicated technical support, migration strategies, advice on best practices (and design decisions), PR reviews, and team augmentation. Read more about support here.
Nest is an MIT-licensed open source project. It can grow thanks to the sponsors and support from the amazing backers. If you'd like to join them, please read more here.
Nest is MIT licensed.
FAQs
Nest - modern, fast, powerful node.js web framework (@common)
The npm package @nestjs/common receives a total of 3,297,985 weekly downloads. As such, @nestjs/common popularity was classified as popular.
We found that @nestjs/common demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.