Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@octokit-next/endpoint
Advanced tools
Turns GitHub REST API endpoints into generic request options
@octokit-next/endpoint
combines GitHub REST API routes with parameters and turns them into generic request options that can be used in any request library.
Browsers |
Load @octokit-next/endpoint directly from cdn.skypack.dev
|
---|---|
Node |
Install with
|
Deno |
Load
|
Example for List organization repositories
const requestOptions = endpoint("GET /orgs/{org}/repos", {
headers: {
authorization: "token 0000000000000000000000000000000000000001",
},
org: "octokit",
type: "private",
});
The resulting requestOptions
looks as follows
{
"method": "GET",
"url": "https://api.github.com/orgs/octokit/repos?type=private",
"headers": {
"accept": "application/vnd.github.v3+json",
"authorization": "token 0000000000000000000000000000000000000001",
"user-agent": "octokit-next/endpoint.js v1.2.3"
}
}
You can pass requestOptions
to common request libraries
const { url, ...options } = requestOptions;
// https://developer.mozilla.org/en-US/docs/Web/API/Fetch_API/Using_Fetch
fetch(url, options);
// https://github.com/sindresorhus/got
got[options.method](url, options);
// https://github.com/axios/axios
axios(requestOptions);
For PUT/POST
endpoints with request body parameters, the code is slightly different
const { url, data, ...options } = requestOptions;
// https://developer.mozilla.org/en-US/docs/Web/API/Fetch_API/Using_Fetch
fetch(url, { ...options, body: JSON.stringify(data) });
// https://github.com/sindresorhus/got
got[options.method](url, { ...options, json: data });
// https://github.com/axios/axios
axios(requestOptions);
endpoint(route, options)
or endpoint(options)
name | type | description |
---|---|---|
route
| String |
If set, it has to be a string consisting of URL and the request method, e.g., GET /orgs/{org} . If it’s set to a URL, only the method defaults to GET .
|
options.method
| String |
Required unless route is set. Any supported http verb. Defaults to GET .
|
options.url
| String |
Required unless route is set. A path or full URL which may contain :variable or {variable} placeholders,
e.g., /orgs/{org}/repos .
|
options.baseUrl
| String |
Defaults to https://api.github.com .
|
options.headers
| Object |
Custom headers. Passed headers are merged with defaults:headers['user-agent'] defaults to octokit-endpoint.js/1.2.3 (where 1.2.3 is the released version).headers['accept'] defaults to application/vnd.github.v3+json . |
options.mediaType.format
| String |
Media type param, such as raw , diff , or text+json . See Media Types. Setting options.mediaType.format will amend the headers.accept value.
|
options.mediaType.previews
| Array of Strings |
Name of previews, such as mercy , symmetra , or scarlet-witch . See API Previews. If options.mediaType.previews was set as default, the new previews will be merged into the default ones. Setting options.mediaType.previews will amend the headers.accept value. options.mediaType.previews will be merged with an existing array set using .withDefaults() .
|
options.data
| Any |
Set request body directly instead of setting it to JSON based on additional parameters. See "The data parameter" below.
|
options.request
| Object |
Pass custom meta information for the request. The request object will be returned as is.
|
All other options will be passed depending on the method
and url
options.
url
, it will be used as the replacement. For example, if the passed options are {url: '/orgs/{org}/repos', org: 'foo'}
the returned options.url
is https://api.github.com/orgs/foo/repos
.method
is GET
or HEAD
, the option is passed as a query parameter.Result
endpoint()
is a synchronous method and returns an object with the following keys:
key | type | description |
---|---|---|
method | String | The http method. Always lowercase. |
url | String | The url with placeholders replaced with passed parameters. |
headers | Object | All header names are lowercased. |
body | Any | The request body if one is present. Only for PATCH , POST , PUT , DELETE requests. |
request | Object | Request meta option, it will be returned as it was passed into endpoint() |
endpoint.withDefaults()
Override or set default options. Example:
const myEndpoint = endpoint.withDefaults({
baseUrl: "https://github-enterprise.acme-inc.com/api/v3",
headers: {
"user-agent": "myApp/1.2.3",
authorization: `token 0000000000000000000000000000000000000001`,
},
});
const options = myEndpoint(`GET /orgs/{org}/repos`, {
org: "my-project",
per_page: 100,
});
// {
// "method": "GET",
// "url": "https://api.github.com/orgs/my-project/repos?per_page=100",
// "headers": {
// "accept": "application/vnd.github.v3+json",
// "authorization": "token 0000000000000000000000000000000000000001",
// "user-agent": "myApp/1.2.3"
// }
// }
You can call .withDefaults()
again on the returned method, the defaults will cascade.
const myEndpointWithToken2 = myEndpoint.withDefaults({
headers: {
authorization: `token 0000000000000000000000000000000000000002`,
},
});
const options2 = myEndpointWithToken2(`GET /orgs/{org}/repos`, {
org: "my-project",
per_page: 100,
});
// {
// "method": "GET",
// "url": "https://api.github.com/orgs/my-project/repos?per_page=100",
// "headers": {
// "accept": "application/vnd.github.v3+json",
// "authorization": "token 0000000000000000000000000000000000000002",
// "user-agent": "myApp/1.2.3"
// }
// }
endpoint.DEFAULTS
The current default options.
endpoint.DEFAULTS.baseUrl; // https://api.github.com
const myEndpoint = endpoint.withDefaults({
baseUrl: "https://github-enterprise.acme-inc.com/api/v3",
});
myEndpoint.DEFAULTS.baseUrl; // https://github-enterprise.acme-inc.com/api/v3
endpoint.merge(route, options)
or endpoint.merge(options)
Get the defaulted endpoint options, but without parsing them into request options:
const myProjectEndpoint = endpoint.withDefaults({
baseUrl: "https://github-enterprise.acme-inc.com/api/v3",
headers: {
"user-agent": "myApp/1.2.3",
},
org: "my-project",
});
myProjectEndpoint.merge("GET /orgs/{org}/repos", {
headers: {
authorization: `token 0000000000000000000000000000000000000001`,
},
org: "my-secret-project",
type: "private",
});
// {
// baseUrl: 'https://github-enterprise.acme-inc.com/api/v3',
// method: 'GET',
// url: '/orgs/{org}/repos',
// headers: {
// accept: 'application/vnd.github.v3+json',
// authorization: `token 0000000000000000000000000000000000000001`,
// 'user-agent': 'myApp/1.2.3'
// },
// org: 'my-secret-project',
// type: 'private'
// }
endpoint.parse()
Stateless method to turn endpoint options into request options. Calling
endpoint(options)
is the same as calling endpoint.parse(endpoint.merge(options))
.
@octokit-next/endpoint
supports types for all REST API endpoints across all supported targets (github.com, GitHub AE, GitHub Enterprise Server).
In order to take advantage of the types, you have to install the @octokit-next/types-rest-api*
packages for the platform(s) you want to target.
For example, to get types for all of github.com's REST API endpoints, use @octokit-next/types-rest-api
.
/// <reference types="@octokit-next/types-rest-api" />
import { endpoint } from "@octokit-next/endpoint";
endpoint("");
// Set cursor in the route argument and press `Ctrl + Space` to get a type ahead for all 700+ REST API endpoints
const requestOptions = endpoint("GET /orgs/{org}/repos", { org: "octokit" });
// requestOptions.method is now typed as `"GET"` instead of `string`
// requestOptions.url is now typed as `"/orgs/{org}/repos"` instead of `string`
// requestOptions.data does not exist on types.
To support GitHub Enterprise Server 3.0 and all new versions, import @octokit-next/types-rest-api-ghes-3.0
and set the request version:
/// <reference types="@octokit-next/types-rest-api-ghes-3.0" />
import { endpoint } from "@octokit-next/endpoint";
endpoint("", {
request: {
version: "ghes-3.0",
},
});
// Set cursor in the route argument and press `Ctrl + Space` to get a type ahead for all GHES 3.0 REST API endpoints
const requestOptions = endpoint("GET /admin/users/{username}", {
request: {
version: "ghes-3.0",
},
username: "octocat",
});
// requestOptions.method is now typed as `"GET"` instead of `string`
// requestOptions.url is now typed as `"/admin/users/{username}"` instead of `string`
// requestOptions.data does not exist on types.
Types in the @octokit-next/types-rest-api-ghes
packages are additive. So you can set request.version
to ghes-3.1
and ghes-3.2
as well.
The version can be set using endpoint.withDefaults()
as well. You can override the version in each endpoint()
call.
/// <reference types="@octokit-next/types-rest-api-ghes-3.0" />
import { endpoint } from "@octokit-next/endpoint";
const ghes30endpoint = endpoint.withDefaults({
request: {
version: "ghes-3.0",
},
});
endpoint("");
// Set cursor in the route argument and press `Ctrl + Space` to get a type ahead for all GHES 3.0 REST API endpoints
If you need your script to work across github.com and a minimal GitHub Enterprise Server version, you can use any of the @octokit-next/types-rest-api-ghes-*-compatible
packages.
/// <reference types="@octokit-next/types-rest-api-ghes-3.0-compatible" />
import { endpoint } from "@octokit-next/endpoint";
const ghes30endpoint = endpoint.withDefaults({
request: {
version: "ghes-3.0",
},
});
endpoint("");
// Set cursor in the route argument and press `Ctrl + Space` to get a type ahead for all REST API endpoints
// that exist in both github.com and GitHub Enterprise Server 3.0
data
parameter – set request body directlySome endpoints such as Render a Markdown document in raw mode don’t have parameters that are sent as request body keys, instead, the request body needs to be set directly. In these cases, set the data
parameter.
const options = endpoint("POST /markdown/raw", {
data: "Hello world github/linguist#1 **cool**, and #1!",
headers: {
accept: "text/html;charset=utf-8",
"content-type": "text/plain",
},
});
// options is
// {
// method: 'post',
// url: 'https://api.github.com/markdown/raw',
// headers: {
// accept: 'text/html;charset=utf-8',
// 'content-type': 'text/plain',
// 'user-agent': userAgent
// },
// body: 'Hello world github/linguist#1 **cool**, and #1!'
// }
There are API endpoints that accept both query parameters as well as a body. In that case, you need to add the query parameters as templates to options.url
, as defined in the RFC 6570 URI Template specification.
Example
endpoint(
"POST https://uploads.github.com/repos/octocat/Hello-World/releases/1/assets{?name,label}",
{
name: "example.zip",
label: "short description",
headers: {
"content-type": "text/plain",
"content-length": 14,
authorization: `token 0000000000000000000000000000000000000001`,
},
data: "Hello, world!",
}
);
FAQs
Turns REST API endpoints into generic request options
The npm package @octokit-next/endpoint receives a total of 17 weekly downloads. As such, @octokit-next/endpoint popularity was classified as not popular.
We found that @octokit-next/endpoint demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.