Big News: Socket raises $60M Series C at a $1B valuation to secure software supply chains for AI-driven development.Announcement
Sign In

@plasius/api

Package Overview
Dependencies
Maintainers
1
Versions
14
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@plasius/api

Generic public API security and middleware helpers.

Source
npmnpm
Version
1.0.9
Version published
Weekly downloads
437
280%
Maintainers
1
Weekly downloads
 
Created
Source

@plasius/api

npm version Build Status coverage License Code of Conduct Security Policy Changelog

Public generic API helper package.

What this package contains

  • Public helper exports compiled to dist/**
  • Reusable transport-security helper utilities
  • Reusable session helper utilities compatible with withSession middleware
  • Governance/legal materials (docs/**, legal/**)

Package Boundary (Public by Design)

  • @plasius/api is intentionally a generic helper package.
  • Private application handlers and business-specific backend code must remain in private consumer repositories.
  • Publish safeguards now block packaging of private runtime trees (src/**, local settings, and generated OpenAPI artifacts).
  • npm run pack:check also fails if public code roots (src/**, tests/**, demo/**) contain forbidden private/product identifiers.

Transport Security Baseline

  • Exports helper functions:
    • applyBaselineSecurityHeaders(headers)
    • isHttpsRequest(request)
    • isInsecureLocalRequest(request)
    • shouldEnforceHttps()
  • These helpers support strict header policy and HTTPS enforcement behavior for callers.

Session Helper Baseline

  • Exports helper functions:
    • ensureSession(request, options?)
    • getSessionIdFromRequest(request, cookieName?)
    • createSessionCookie(sessionId, options?)
  • withSession middleware is implemented using these helpers and keeps secure defaults (HttpOnly, Secure, SameSite=None, Path=/).

Install

npm install @plasius/api

Entrypoints

  • Main module: @plasius/api
  • Middleware module: @plasius/api/middleware

Example

import {
  applyBaselineSecurityHeaders,
  isHttpsRequest,
  shouldEnforceHttps,
} from "@plasius/api";

import { withCors, withRateLimiting, withMiddleware } from "@plasius/api/middleware";

Local development

npm ci
npm run build
npm test
npm run pack:check

npm run build compiles the public package entrypoint to dist/.

Publish checklist

  • Update CHANGELOG.md under Unreleased.
  • Run npm ci && npm run clean && npm run build && npm test && npm run pack:check.
  • Bump package.json version.
  • Tag and push (vX.Y.Z).
  • Publish through the CD workflow (recommended) or npm publish.

Governance

License

Apache-2.0

Keywords

api
middleware
security
transport-security
pkce

FAQs

Package last updated on 04 Mar 2026

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Shai-Hulud Descends to Hades: Miasma Worm Campaign Spreads with New PyPI Wave

Research

Shai-Hulud Descends to Hades: Miasma Worm Campaign Spreads with New PyPI Wave

Socket found 37 malicious PyPI wheels that abuse Python startup hooks to launch a Bun-powered credential stealer tied to Mini Shai-Hulud/Miasma.

By Socket Research Team  -  Jun 07, 2026