Security News
New React Server Components Vulnerabilities: DoS and Source Code Exposure
New DoS and source code exposure bugs in React Server Components and Next.js: what’s affected and how to update safely.
By Sarah Gooding - Dec 12, 2025
🚨 Shai-Hulud Strikes Again:834 Packages Compromised.Technical Analysis →
Fetchum
A better fetch api
The main bulk of the local storage wrapper has been moved out into betterstorage. The token related methods still exist.
Install
npm i -S fetchum
yarn add fetchum
Setup
<script>
window.FETCHUM_BASE = 'localhost:3000/api';
window.FETCHUM_PREFIX = '@my-app';
</script>
For use Node side set env vars ie:
process.env.FETCHUM_BASE = 'localhost:3000/api';
process.env.FETCHUM_PREFIX = '@my-app';
For universal set both.
import fetchum from 'fetchum';
fetchum.setConfig('/api/', '@app-prefix');
Api - generateRequest
generateRequest returns a function to call that will make a request
based on set options.
Options
method: http verbroute: url stringheaders: object for default request headers (default: {})form: boolean if submit as form data (default: false)token: boolean if set Auth header from local storage token (default: false)external: boolean if should not prepend route with api base (default: false)
Function Params
params: json object matching keys for parameterized routes ie:/user/:idbody: json request body/url paramsheaders: json request headerscustomToken: !Only if external option isfalsetokenType: !Only if external option isfalse. DefaultBearer.
Examples
import fetchum from 'fetchum';
const getRandomUser = fetchum.generateRequest({
method: 'GET',
external: true,
route: 'http://uifaces.com/api/v1/random',
});
Create and update a user with profile image on a authenticated api
import fetchum from 'fetchum';
const postUser = fetchum.generateRequest({
method: 'POST',
form: true,
token: true,
route: '/v1/user',
});
const putUser = fetchum.generateRequest({
method: 'PUT',
form: true,
token: true,
route: '/v1/user/:id',
});
const createUser = (data) => {
postUser({}, data)
.then((res) => { console.log('created', res.data); })
.catch((res) => { console.warn(res); });
};
const updateUser = (id, data) => {
putUser({id}, data)
.then((res) => { console.log('updated', res.data); })
.catch((res) => { console.warn(res); });
};
Api - generateCRUDRequests
Like generateRequest generateCRUDRequests will generate request structure but it does more returning a object with all the basic crud actions.
Function Params
baseUrl: url string to base crud actions off ie:/useridVar: the var name of theidurl param id the:idin/user/:id. The:should not be passed.- Defualt -
'id' useToken: if the routes should have the token option set.- Defualt -
false
Examples
import fetchum from 'fetchum';
const userApi = fetchum.generateCRUDRequests('/users', 'id', true);
userApi.fetchOne({ id: 0 })
.then((res) => {
this.user = res.data.user;
});
Returned Requests
fetchAll-GETto base urlcreate-POSTto base urlfetchOne-GETto base url and added id Var ie:/users/:idupdate-PUTto base url and added id Var ie:/users/:iddelete-DELETEto base url and added id Var ie:/users/:id
Api - LocalStorage
Fetchum has a build in LocalStorage wrapper for convenience and for the specific use of getting the auth token.
To use the token option in the generateRequest call you will need to use
this LocalStorage wrapper;
Methods
set- sets var in storage ieLocalStorage.set('varName', varValue)get- gets a var value from storage ie:const varValue = LocalStorage.set('varName')remove- removes a var from storageisSet- returns boolean for if a var is in storagesetToken- sets a token in storage used by requestsgetToken- gets a token from storageremoveToken- removes a token from storage
Examples
import {LocalStorage} from 'fetchum';
const setToken = (token) => {
LocalStorage.set('token', token);
};
Login and out example
import fetchum from 'fetchum';
const apiLogin = fetchum.generateRequest({
method: 'POST',
route: '/v1/login',
});
const login = (data) => {
apiLogin(data)
.then((res) => {
fetchum.LocalStorage.setToken(res.data.token);
fetchum.LocalStorage.set('user', res.data.user);
})
.catch((res) => { console.warn(res); });
};
const getCurrentUser = () => {
return fetchum.LocalStorage.get('user');
};
const logout = () => {
fetchum.LocalStorage.remove('user');
fetchum.LocalStorage.removeToken();
};
Random Usage Examples
import fetchum from 'fetchum';
/**
* API Calls
*
*/
export default {
login: fetchum.generateRequest({
method: 'POST',
route: '/v1/login',
}),
user: {
getAll: fetchum.generateRequest({
method: 'GET',
token: true,
route: '/v1/users',
}),
show: fetchum.generateRequest({
method: 'GET',
token: true,
route: '/v1/users/:id',
}),
update: fetchum.generateRequest({
method: 'PUT',
token: true,
route: '/v1/users/:id',
}),
remove: fetchum.generateRequest({
method: 'DELETE',
token: true,
route: '/v1/users/:id',
}),
create: fetchum.generateRequest({
method: 'POST',
token: true,
route: '/v1/users',
}),
}
};
import { apiRequests } from 'fetchum';
const getUsersDirect = () => {
apiRequests.get('/v1/users')
.then((res) => { console.log('my users', res.data); })
.catch((res, err) => { console.warn(res); });
};
Api request - methods
/**
* Generate a api request
* @param {Object} options - {method, token, route, external, form, headers}
*
*/
generateRequest
/**
* Generate a crud api requests
* @param {Object} baseUrl
* @param {Object} idVar
* @param {Object} useToken
*
*/
generateCRUDRequests
/**
* Base request call
* @param {Boolean} isFormData
* @param {String} method
* @param {String} url
* @param {JSON} body
* @param {Object} headers
* @param {Object} otherConfig
*
*/
request
/**
* Basic http requests
* @param {String} url
* @param {JSON} body
* @param {Object} headers
* @param {Object} otherConfig
*
*/
requests.get, requests.put, requests.post, requests.patch, requests.delete
/**
* Form requests - the body JSON is converted into FormData
* @param {String} url
* @param {JSON} body
* @param {Object} headers
* @param {Object} otherConfig
*
*/
requests.putForm, requests.postForm
/**
* Calls the request and prepends route with api base
* @param {Boolean} isFormData
* @param {String} method
* @param {String} url
* @param {JSON} body
* @param {Object} headers
* @param {Object} otherConfig
*
*/
apiRequest
/**
* Basic http requests that prepend route with api base
* @param {String} url
* @param {JSON} body
* @param {Object} headers
* @param {Object} otherConfig
*
*/
apiRequests.get, apiRequests.put, apiRequests.post, apiRequests.patch, apiRequests.delete
/**
* API Form requests - the body JSON is converted into FormData
* @param {String} url
* @param {JSON} body
* @param {Object} headers
* @param {Object} otherConfig
*
*/
apiRequests.putForm, apiRequests.postForm
FAQs
A better fetch and local storage system
The npm package fetchum receives a total of 2 weekly downloads. As such, fetchum popularity was classified as not popular.
We found that fetchum demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 28 Nov 2017
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Software Engineering Daily Podcast: Feross on AI, Open Source, and Supply Chain Risk
Socket CEO Feross Aboukhadijeh joins Software Engineering Daily to discuss modern software supply chain attacks and rising AI-driven security risks.
By Sarah Gooding - Dec 11, 2025
Security News
npm Revokes Classic Tokens, as OpenJS Warns Maintainers About OIDC Gaps
GitHub has revoked npm classic tokens for publishing; maintainers must migrate, but OpenJS warns OIDC trusted publishing still has risky gaps for critical projects.
By Sarah Gooding - Dec 10, 2025