Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
get-it
Advanced tools
Changelog
Readme
Generic HTTP request library for node.js (>= 14) and modern browsers.
We wanted an HTTP request library that worked transparently in Node.js and browsers with a small browser bundle footprint.
To be able to use the same library in a range of different applications with varying requirements, but still keep the bundle size down, we took inspiration from http-client which cleverly composes functionality into the client.
Using a middleware approach, get-it
has the following feature set:
How get-it
behaves depends on which middleware you've loaded, but common to all approaches is the setup process.
// Import the core get-it package, which is used to generate a requester
import {getIt} from 'get-it'
// And import whatever middleware you want to use
import {base, jsonResponse, promise} from 'get-it/middleware'
// Now compose the middleware you want to use
const request = getIt([base('https://api.your.service/v1'), jsonResponse()])
// You can also register middleware using `.use(middleware)`
request.use(promise())
// Now you're ready to use the requester:
request({url: '/projects'})
.then((response) => console.log(response.body))
.catch((err) => console.error(err))
In most larger projects, you'd probably make a httpClient.js
or similar, where you would instantiate the requester and export it for other modules to reuse.
url
- URL to the resource you want to reach.method
- HTTP method to use for request. Default: GET
, unless a body is provided, in which case the default is POST
.headers
- Object of HTTP headers to send. Note that cross-origin requests in IE9 will not be able to set these headers.body
- The request body. If the jsonRequest
middleware is used, it will serialize to a JSON string before sending. Otherwise, it tries to send whatever is passed to it using the underlying adapter. Supported types:
string
, ArrayBufferView
, Blob
, Document
, FormData
(deprecated: ArrayBuffer
)string
, buffer
, ReadStream
bodySize
- Size of body, in bytes. Only used in Node when passing a ReadStream
as body, in order for progress events to emit status on upload progress.timeout
- Timeout in millisecond for the request. Takes an object with connect
and socket
properties.maxRedirects
- Maximum number of redirects to follow before giving up. Note that this is only used in Node, as browsers have built-in redirect handling which cannot be adjusted. Default: 5
rawBody
- Set to true
to return the raw value of the response body, instead of a string. The type returned differs based on the underlying adapter:
ArrayBuffer
Buffer
By default, get-it
will return an object of single-channel event emitters. This is done in order to provide a low-level API surface that others can build upon, which is what the promise
and observable
middlewares do. Unless you really know what you're doing, you'll probably want to use those middlewares.
get-it
does not expose the low-level primitives such as the XMLHttpRequest
or http.IncomingMessage
instances. Instead, it provides a response object with the following properties:
{
// string (ArrayBuffer or Buffer if `rawBody` is set to `true`)
body: 'Response body'
url: 'http://foo.bar/baz',
method: 'GET',
statusCode: 200,
statusMessage: 'OK',
headers: {
'Date': 'Fri, 09 Dec 2016 14:55:32 GMT',
'Cache-Control': 'public, max-age=120'
}
}
For the most part, you simply have to register the middleware and you should be good to go. Sometimes you only need the response body, in which case you can set the onlyBody
option to true
. Otherwise the promise will be resolved with the response object mentioned earlier.
import {getIt} from 'get-it'
import {promise} from 'get-it/middleware'
const request = getIt([promise({onlyBody: true})])
request({url: 'http://foo.bar/api/projects'})
.then((projects) => console.log(projects))
.catch((err) => console.error(err))
With the Promise API, you can cancel requests using a cancel token. This API is based on the Cancelable Promises proposal, which was at Stage 1 before it was withdrawn.
You can create a cancel token using the CancelToken.source
factory as shown below:
import {promise} from 'get-it/middleware'
const request = getIt([promise()])
const source = promise.CancelToken.source()
request
.get({
url: 'http://foo.bar/baz',
cancelToken: source.token,
})
.catch((err) => {
if (promise.isCancel(err)) {
console.log('Request canceled', err.message)
} else {
// handle error
}
})
// Cancel the request (the message parameter is optional)
source.cancel('Operation canceled by the user')
The observable API requires you to pass an Observable-implementation that you want to use. Optionally, you can register it under the global Observable
, but this is not recommended.
import {getIt} from 'get-it'
import {observable} from 'get-it/middleware'
import zenObservable from 'zen-observable'
const request = getIt()
request.use(
observable({
implementation: zenObservable,
}),
)
const observer = request({url: 'http://foo.bar/baz'})
.filter((ev) => ev.type === 'response')
.subscribe({
next: (res) => console.log(res.body),
error: (err) => console.error(err),
})
// If you want to cancel the request, simply unsubscribe:
observer.unsubscribe()
It's important to note that the observable middleware does not only emit response
objects, but also progress
events. You should always filter to specify what you're interested in receiving. Every emitted value has a type
property.
This module was inspired by the great work of others:
MIT-licensed. See LICENSE.
Run the "CI & Release" workflow. Make sure to select the main branch and check "Release new version".
Semantic release will only release on configured branches, so it is safe to run release on any branch.
FAQs
Generic HTTP request library for node, browsers and workers
The npm package get-it receives a total of 352,630 weekly downloads. As such, get-it popularity was classified as popular.
We found that get-it demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 49 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.