Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
A xhr request formatter (window.fetch) with an ajax/superagent inspired API
fetched
provides a declarative wrapper for request parameters.
It's targeted towards window.fetch
standard, but can be used to format
request object for other XMLHttpRequest libraries
In general, fetched
is a xhr request formatter with an ajax/superagent inspired API
that is targeted toward window.fetch
WHATWG standard / polyfill.
npm install fetched --save
To use fetch
, You may need the following polyfills:
fetch
npm install whatwg-fetch --save
promise
npm install es6-promise --save
For example, posting data to http://example.com/api/me
import Fetched from 'fetched';
let agent = new Fetched('http://localhost');
agent.post('/api/me')
.send({
username: 'my-username',
password: 'my-password'
})
.json()
.withCredentials()
.using(fetch); // uses window.fetch object. Can be other compatible HTTP request libraries.
The above will return a fetch promise object.
To use with other libraries, you can do the following:
let result = agent.post('/api/me')
.send({
username: 'my-username',
password: 'my-password'
})
.json()
.withCredentials()
.format();
You should get the following output in your result
variable:
{
"resource": "http://localhost",
"params": {
"headers": {
"Accept": "application/json",
"Content-Type": "application/json"
},
"method": "post",
"body": "{'username':'my-username','password':'my-password'}",
"credentials": "include"
}
}
API is still a little unstable.
FAQs
A xhr request formatter (window.fetch) with an ajax/superagent inspired API
The npm package fetched receives a total of 3 weekly downloads. As such, fetched popularity was classified as not popular.
We found that fetched demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.