![Malicious npm Package Typosquats react-login-page to Deploy Keylogger](https://cdn.sanity.io/images/cgdhsj6q/production/007b21d9cf9e03ae0bb3f577d1bd59b9d715645a-1024x1024.webp?w=400&fit=max&auto=format)
Research
Security News
Malicious npm Package Typosquats react-login-page to Deploy Keylogger
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
fetch-retry
Advanced tools
Package description
The fetch-retry npm package is an extension of the native fetch API that adds the ability to automatically retry a failed HTTP request. This is particularly useful for dealing with transient network issues or temporary server-side errors. It allows developers to specify the number of retries, the retry delay, and other retry policies.
Automatic retries for failed requests
This feature allows fetch requests to be automatically retried a specified number of times with a delay between each attempt. The code sample shows how to wrap the native fetch with fetch-retry to make a GET request that retries up to 3 times with a 1-second delay between retries.
fetch = require('fetch-retry')(require('node-fetch'));
fetch('https://api.example.com', {
retries: 3,
retryDelay: 1000
}).then(function(response) {
return response.json();
}).then(function(json) {
console.log(json);
}).catch(function(error) {
console.error(error);
});
Customizable retry on function
This feature allows developers to define a custom function to determine whether a request should be retried based on the attempt number, error, and response. The code sample demonstrates a custom retryOn function that retries the request if an error occurs or if the response status code is 500 or greater.
fetch = require('fetch-retry')(require('node-fetch'));
fetch('https://api.example.com', {
retries: 4,
retryDelay: 1000,
retryOn: function(attempt, error, response) {
if (error !== null || response.status >= 500) {
return true;
}
return false;
}
}).then(function(response) {
return response.json();
}).then(function(json) {
console.log(json);
}).catch(function(error) {
console.error(error);
});
axios-retry is a package that provides similar retry functionality for Axios, a popular HTTP client. It allows for configuring retry conditions, delay strategies, and the number of retries. Unlike fetch-retry, which is built for the fetch API, axios-retry is specifically designed to work with Axios.
got is a more comprehensive HTTP request library that includes built-in retry functionality among many other features. It supports retries with a more extensive set of options and strategies compared to fetch-retry. Got is a standalone package, whereas fetch-retry is an extension of the native fetch API.
superagent-retry extends the superagent library to add retry capabilities. It is similar to fetch-retry in that it adds retry functionality to an existing HTTP request library, but it is designed for superagent instead of fetch.
Readme
Adds retry functionality to the Fetch
API by wrapping isomorphic-fetch and retrying failing requests.
npm install fetch-retry --save
fetch-retry
works the same way as fetch
, but also accepts a retries
property on the options argument. If retries
is not specified, it will default to using 3 retries.
var fetch = require('fetch-retry');
fetch(url, {
retries: 5,
timeout: 1500
})
.then(function(response) {
return response.json();
})
.then(function(json) {
// do something with the result
console.log(json);
});
The fetch
specification differs from jQuery.ajax() in mainly two ways that bear keeping in mind:
Source: Github fetch
FAQs
Unknown package
We found that fetch-retry demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
Security News
The JavaScript community has launched the e18e initiative to improve ecosystem performance by cleaning up dependency trees, speeding up critical parts of the ecosystem, and documenting lighter alternatives to established tools.
Product
Socket now supports four distinct alert actions instead of the previous two, and alert triaging allows users to override the actions taken for all individual alerts.