
Dan's API Router (dAPIr) is a simple API router based on Express.js that leverages the file system for creating routes. dAPIr also helps you manage and create OpenAPI documentation.
Let's get started with using dAPIr!
Create your API route file
```ts
// Resolve relative paths (such as './routes') from this file's directory
process.chdir(__dirname);

import { Server, HTTPContext } from 'dapir';

// Context that will be passed throughout the app (databases, wrappers, etc.)
const context = {
  test: 'test',
};

// Create the API
const api = new Server({
  port: 3000,
  host: '0.0.0.0', // listens on every network interface
  cors: {
    enabled: true,
    origin: '*', // any origin is allowed; list specific origins for non-public APIs
  },
  routes: {
    enabled: true,
    folder: './routes',
    context: context,
  },
});

// Export types
export type RouteHandler = typeof api.routeHandler<HTTPContext>;
export type RouteConfig = typeof api.routeConfig;
export type Context = typeof context;
export const authenticationMethod = api.authenticationMethod;

// Start the server
api.listen();
```
dAPIr uses the file system to create routes. To create a route, create a `.ts` file named after an HTTP method. To create a dynamic URL segment, name a folder `[var]` or prefix the file name with `[var]` (replace `var` with whatever you want the parameter to be called). Here are some examples:
| File Path | Route Path |
|---|---|
| /get.ts | GET / |
| /foo/get.ts | GET /foo |
| /foo.get.ts | GET /foo |
| /bar/post.ts | POST /bar |
| /bar/get.ts | GET /bar |
| /[id]/get.ts | GET /:id |
| /[id].get.ts | GET /:id |
dAPIr detects duplicate routes and reports them as errors on the console.
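The mapping in the table and the duplicate check, as an added example that is not dAPIr's own code. The rules are inferred from the table; the method list and the function names are assumptions. Catching two files that resolve to the same route matters in review because it is otherwise unclear which handler and configuration apply.

```typescript
// Added illustration: rules inferred from the README's table, not dAPIr's own code.
const METHODS = ['get', 'post', 'put', 'patch', 'delete', 'head', 'options']; // assumed set

interface Route { method: string; path: string; file: string }

// Map a route file such as "/foo/[id].get.ts" to { method: "GET", path: "/foo/:id" }.
function fileToRoute(file: string): Route | null {
  if (!/\.ts$/.test(file)) return null;
  const parts = file.replace(/\.ts$/, '').split('/').filter((s) => s.length > 0);
  const leaf = parts.pop();
  if (leaf === undefined) return null;
  // The method is the whole file name ("get") or its last dot-suffix ("foo.get").
  const dot = leaf.lastIndexOf('.');
  const method = leaf.slice(dot + 1).toLowerCase();
  if (METHODS.indexOf(method) === -1) return null;
  if (dot > 0) parts.push(leaf.slice(0, dot));
  // "[var]" segments become Express-style ":var" parameters.
  const path = '/' + parts.map((s) => s.replace(/^\[(\w+)\]$/, ':$1')).join('/');
  return { method: method.toUpperCase(), path, file };
}

// Group files by resolved route; any route with more than one file is a duplicate.
function findDuplicateRoutes(files: string[]): { [route: string]: string[] } {
  const byRoute: { [route: string]: string[] } = {};
  for (const file of files) {
    const route = fileToRoute(file);
    if (route === null) continue;
    const key = route.method + ' ' + route.path;
    (byRoute[key] = byRoute[key] || []).push(file);
  }
  const duplicates: { [route: string]: string[] } = {};
  for (const key of Object.keys(byRoute)) {
    const list = byRoute[key];
    if (list !== undefined && list.length > 1) duplicates[key] = list;
  }
  return duplicates;
}

// Constructed sample: the file paths from the table above.
const SAMPLE_FILES = ['/get.ts', '/foo/get.ts', '/foo.get.ts', '/bar/post.ts',
  '/bar/get.ts', '/[id]/get.ts', '/[id].get.ts'];
console.log(findDuplicateRoutes(SAMPLE_FILES));
```

Run over the table's own paths, the check flags `GET /foo` and `GET /:id`, each of which is produced by both the folder form and the prefixed-file form.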
To set up a route, import the types from your API index.
```ts
import { RouteConfig, RouteHandler } from '@/';

export const handler: RouteHandler = (ctx) => ctx.res.json({ message: 'Hello World' });
export const configuration: RouteConfig = { /* ... */ };
```
dAPIr supports two types of middleware: global and local.
Global middlewares run on every request.
Unfinished...
Unfinished...
FAQs
An api wrapper
The npm package dapir receives a total of 2 weekly downloads. As such, dapir popularity was classified as not popular.
We found that dapir demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.