Research
Security News
The Growing Risk of Malicious Browser Extensions
Socket researchers uncover how browser extensions in trusted stores are used to hijack sessions, redirect traffic, and manipulate user behavior.
By Kush Pandya - Jun 13, 2025
🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more →
express-service-bootstrap
Advanced tools
express-service-bootstrap
This is a convenience package for starting a express API with security, health checks, process exits etc.
express-service-bootstrap
license: Apache-2.0 license license Apache-2.0 Apache-2.0This is a convenience package for starting a express based API server with
- General API Security - (helmet based)
- Health checks - K8S Health Probes
- Process exits listeners - Your API server should shutdown as gracefully as possible when it receives any shutdown signals from OS.
- Include your API documentation - Swagger UI express.
- Singleton DI container - possibly the best pattern to follow, yet completely flexible and ignorable.
- Creator pattern - don't use new keyword, this helps in writing better unit tests and mockable classes and features.
Getting Started
- Please find example code usage in examples folder
import { ApplicationBuilder, ApplicationStartupStatus, ApplicationTypes, Convenience } from "../../dist/src/index.js";
import * as OpenApiDefinition from "./api-def.json" with { type: "json" };
const applicationName = "Test Simple App";
const app = new ApplicationBuilder(applicationName, OpenApiDefinition);
const utilities = new Convenience();
async function AppStartUp(rootRouter, DIContainer, application) {
//Connect to DB or create DB Pool
//Apply Migrations
//Register Routes,Middleware,etc
DIContainer.registerInstance("msg", { message: "Hello from DI" }); //Simulate things stored in DI container
rootRouter
.get("/", (req, res) => {
res.send(req.DIProp.fetchInstance("msg").message);
})
.post("/", (req, res) => {
console.log(req.body);
})
.get("/error", (req, res) => {
throw new Error("This is an error to validate final 'ErrorResponseTransformer' error handling of library");
});
//Configure your application.
const apiDocs = utilities.swaggerAPIDocs(OpenApiDefinition);
application.overrideAppPort(8080) //override the default port 8080(Default 3000)
.overrideHealthPort(8081) //override the default health port 8081(Default 5678)
.registerApplicationHandler(utilities.helmetMiddleware(), "*", 1, ApplicationTypes.Both) //register helmet middleware for both application and health
.registerApplicationHandler(utilities.bodyParserURLEncodingMiddleware(), "*", 2, ApplicationTypes.Main) //register body parser url middleware for application
.registerApplicationHandler(utilities.bodyParserJSONEncodingMiddleware({ limit: '50M' }), "*", 3, ApplicationTypes.Main) //register body parser json middleware for application
.registerApplicationHandler(apiDocs.router, apiDocs.hostingPath, 4, ApplicationTypes.Main) //register api docs
.registerApplicationHandler(utilities.injectInRequestMiddleware("DIProp", DIContainer), "*", 6, ApplicationTypes.Main) //register DI container middleware
.overrideCatchAllErrorResponseTransformer((req, error) => ({ //override the default catch all error response transformer
path: req.path,
status: 500,
body: { message: error.message }
}))
return {
status: ApplicationStartupStatus.UP, // Indicates startup was successful
data: { message: "Connected to database" } // Additional data to be returned(Optional)
};
}
app.overrideStartupHandler(AppStartUp)
.start()
.then(() => console.log(`${applicationName} started successfully.`))
.catch(console.error);
//*******************************
// You can wait for your application to be called by process exit signal
// OR
// If you are done call the Dispose method to stop the application
// await app[Symbol.asyncDispose](); //stop the application and release all resources
//*******************************
Built with
- Authors :heart: for Open Source.
Contributions
- New ideas/techniques are welcomed.
- Raise a Pull Request.
License
This project is contribution to public domain and completely free for use, view LICENSE.md file for details.
FAQs
This is a convenience package for starting a express API with security, health checks, process exits etc.
The npm package express-service-bootstrap receives a total of 211 weekly downloads. As such, express-service-bootstrap popularity was classified as not popular.
We found that express-service-bootstrap demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Package last updated on 29 Oct 2024
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Security News
2025 Blockchain and Cryptocurrency Threat Report: Malware in the Open Source Supply Chain
An in-depth analysis of credential stealers, crypto drainers, cryptojackers, and clipboard hijackers abusing open source package registries to compromise Web3 development environments.
By Kirill Boychenko - Jun 12, 2025
Security News
pnpm 10.12 Introduces Global Virtual Store and Expanded Version Catalogs
pnpm 10.12.1 introduces a global virtual store for faster installs and new options for managing dependencies with version catalogs.
By Sarah Gooding - Jun 11, 2025