Security News
Weekly Downloads Now Available in npm Package Search Results
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
@uppy/companion
Advanced tools
OAuth helper and remote fetcher for Uppy's (https://uppy.io) extensible file upload widget with support for drag&drop, resumable uploads, previews, restrictions, file processing/encoding, remote providers like Dropbox and Google Drive, S3 and more :dog:
Companion is a server integration for Uppy file uploader.
It handles the server-to-server communication between your server and file storage providers such as Google Drive, Dropbox, Instagram, etc. Companion is not a target to upload files to. For this, use a https://tus.io server (if you want resumable) or your existing Apache/Nginx server (if you don’t). See here for full documentation
npm install @uppy/companion
If you don’t have a Node.js project with a package.json
you might want to
install/run Companion globally like so:
[sudo] npm install -g @uppy/companion@1.x
(best check the actual latest
version, and use that, so (re)installs are reproducible, and upgrades
intentional).
companion may either be used as pluggable express app, which you plug to your existing server, or it may also be run as a standalone server:
import express from 'express'
import bodyParser from 'body-parser'
import session from 'express-session'
import companion from '@uppy/companion'
const app = express()
app.use(bodyParser.json())
app.use(session({ secret: 'some secrety secret' }))
// ...
// be sure to place this anywhere after app.use(bodyParser.json()) and app.use(session({...})
const options = {
providerOptions: {
drive: {
key: 'GOOGLE_KEY',
secret: 'GOOGLE_SECRET',
},
},
server: {
host: 'localhost:3020',
protocol: 'http',
},
filePath: '/path/to/folder/',
}
const { app: companionApp } = companion.app(options)
app.use(companionApp)
To enable companion socket for realtime feed to the client while upload is going
on, you call the socket
method like so.
// ...
const server = app.listen(PORT)
companion.socket(server)
Please make sure that the required env variables are set before runnning/using companion as a standalone server. See.
$ companion
If you cloned the repo from GitHub and want to run it as a standalone server, you may also run the following command from within its directory
npm start
Companion can also be deployed to Heroku
mkdir uppy-companion && cd uppy-companion
git init
echo 'export COMPANION_PORT=$PORT' > .profile
echo 'node_modules' > .gitignore
echo '{
"name": "uppy-companion",
"version": "1.0.0",
"scripts": {
"start": "companion"
},
"dependencies": {
"@uppy/companion": "latest"
}
}' > package.json
npm i
git add . && git commit -am 'first commit'
heroku create
git push heroku master
Make sure you set the required environment variables.
FAQs
OAuth helper and remote fetcher for Uppy's (https://uppy.io) extensible file upload widget with support for drag&drop, resumable uploads, previews, restrictions, file processing/encoding, remote providers like Dropbox and Google Drive, S3 and more :dog:
The npm package @uppy/companion receives a total of 15,887 weekly downloads. As such, @uppy/companion popularity was classified as popular.
We found that @uppy/companion demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
Security News
A Stanford study reveals 9.5% of engineers contribute almost nothing, costing tech $90B annually, with remote work fueling the rise of "ghost engineers."
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.