Security News
Weekly Downloads Now Available in npm Package Search Results
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
@superfaceai/one-sdk
Advanced tools
Level 5 autonomous, self-driving API client, https://superface.ai
Superface is the core SDK of the Superface project. It is the library that communicates with registry and performs operations on profiles/maps, including input/output validations.
Superface (super-interface) is a higher-order API, an abstraction on top of the modern APIs like GraphQL and REST. Superface is one interface to discover, connect, and query any capabilities available via conventional APIs.
Through its focus on application-level semantics, Superface decouples the clients from servers, enabling fully autonomous evolution. As such it minimizes the code base as well as errors and downtimes while providing unmatched resiliency and redundancy.
Superface allows for switching capability providers without development at a runtime in milliseconds. Furthermore, Superface decentralizes the composition and aggregation, and thus creates an Autonomous Integration Mesh.
Motivation behind Superface is nicely described in this video from APIdays conference.
You can get more information at https://superface.ai and https://docs.superface.ai/.
To install the package, run in the project directory:
# npm users
npm install @superfaceai/one-sdk
# yarn users
yarn add @superfaceai/one-sdk
To interact with Superface, initialize a new Superface OneSDK instance, references the profile and use case you're wanting to use, then perform it to get the result. You can use either the typed or untyped interface for the SuperfaceClient
.
import { SuperfaceClient } from '@superface/one-sdk';
const client = new SuperfaceClient();
Make sure a profile is installed by running superface install <profileName>[@<profileVersion>]
in the project directory, then load the profile:
const profile = await client.getProfile('<profileName>');
Next, make sure at least one provider is configured in super.json or select one manually. You can configure providers in super.json by running superface configure <providerName>
and you can add additional or overriding configuration by calling .configure
on the Provider object:
const provider = await client.getProvider('<providerName>');
// provider.configure(...)
Then, obtain a use case and perform it with selected provider:
const result = await profile.getUsecase('<usecaseName>').perform(
{
inputField: 1,
anotherInputField: 'hello',
},
// optional, if provider is missing selects first configured provider from super.json
{ provider }
);
You can also use generated typed client, which is very similar:
Make sure a profile is installed with types by running superface install --types <profileName>[@<profileVersion>]
in the project directory.
// This should point to superface directory in project root
// instead of @superfaceai/one-sdk
import { SuperfaceClient } from 'superface/sdk';
const client = new SuperfaceClient();
// This client should now autocomplete your installed profileVersion
const profile = await client.getProfile('myProfile');
const result = await profile.useCases.myUseCase.perform(
{
inputField: 1,
anotherInputField: 'hello',
},
// optional, if provider is missing selects first configured provider from super.json
{ provider }
);
perform
The perform
method will take your inputs and additional information and perform the use case asynchronously. This method always returns a Result type that is either Ok
or Err
. This follows the neverthrow approach. The SDK provides multiple ways to work with result.
You can use conditionals to check if the result was OK or if it errored. Use isOk()
or isErr()
to check type of result.
if (result.isErr()) {
// Result is error, error.toString() returns human readable description of what went wrong
console.log(result.error.toString());
} else {
// Result is ok and you can accees value here
console.log(result.value);
}
The Result type also provides a match
method to use functions to use the values or errors. The match
method takes two functions, the first of which is for handling the Ok
result and the the second for handling the Err
result. The example above using isOk
and isErr
can be written using match
like below.
result.match(
value => console.log(value),
error => console.log(error.toString())
);
Lastly, you can just use unwrap
, which is less safe because it will throw an error.
try {
// Possible error is thrown here and it contains human readable description of what went wrong :)
const value = result.unwrap();
// You can accees value here
console.log(value);
} catch (e) {
console.log(e);
}
Superface is not man-in-the-middle so it does not require any access to secrets that are needed to communicate with provider API. Superface SDK only reads super.json file, resolved authorization secrets from environment variables or from the file itself and applies them to network requests as required by the specific map.
More about the journey of the secrets within SDK can be found in Security.
If you need any additional support, have any questions or you just want to talk you can do that through our documentation page.
Please open an issue first if you want to make larger changes
Feel free to contribute! Please follow the Contribution Guide.
Licenses of node_modules
are checked during push CI/CD for every commit. Only the following licenses are allowed:
The Superface SDK is licensed under the MIT. © 2021 Superface
[0.0.22] - 2021-04-26
FAQs
OneSDK is a universal API client which provides an unparalleled developer experience for every HTTP API
The npm package @superfaceai/one-sdk receives a total of 248 weekly downloads. As such, @superfaceai/one-sdk popularity was classified as not popular.
We found that @superfaceai/one-sdk demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
Security News
A Stanford study reveals 9.5% of engineers contribute almost nothing, costing tech $90B annually, with remote work fueling the rise of "ghost engineers."
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.