Security News
New Python Packaging Proposal Aims to Solve Phantom Dependency Problem with SBOMs
PEP 770 proposes adding SBOM support to Python packages to improve transparency and catch hidden non-Python dependencies that security tools often miss.
google-gax
Advanced tools
The google-gax (Google API Extensions) package is a set of libraries for making Google API client libraries. It provides functionality such as automatic retries, page iteration, and request bundling. It is mainly used internally by Google's auto-generated client libraries for Node.js.
Automatic Retries
This feature allows developers to specify retry logic for failed requests. The RetryOptions class can be used to define backoff settings for retries.
const {RetryOptions} = require('google-gax');
const retryOptions = new RetryOptions(
[100, 200, 400, 800, 1600],
RetryOptions.createRetryPolicy()
);
Page Iteration
This feature simplifies the process of iterating over multiple pages of API response data. The createApiCall function can be configured to handle pagination automatically.
const {createApiCall} = require('google-gax');
const apiCall = createApiCall(
promiseFunc,
{autoPaginate: true}
);
const resources = [];
apiCall({},
(err, response, nextPageRequest, rawResponse) => {
resources.push(...response);
if (nextPageRequest) {
// More results to fetch
}
}
);
Request Bundling
Request bundling allows developers to combine multiple API calls into a single request to reduce network overhead. The BundleDescriptor and BundleExecutor classes are used to define and execute bundled requests.
const {BundleDescriptor, BundleExecutor} = require('google-gax');
const descriptor = new BundleDescriptor(
'bundled_field',
['field1', 'field2'],
'bundled_field',
1024
);
const executor = new BundleExecutor({descriptor});
The grpc package provides a framework for implementing RPC (Remote Procedure Call) systems, which can be used to create client and server applications. It is similar to google-gax in that it is often used for communication with Google APIs, but it is a more general-purpose library that is not specific to Google.
Axios is a promise-based HTTP client for the browser and Node.js. It offers features like intercepting requests and responses, automatic transforms for JSON data, and client-side support for protecting against XSRF. While it does not provide the same API-specific extensions as google-gax, it is a popular choice for making HTTP requests in general.
The AWS SDK for JavaScript allows developers to interact with AWS services from Node.js. Similar to google-gax, it provides a set of tools for working with a specific cloud provider's APIs, but it is focused on Amazon Web Services rather than Google Cloud.
FAQs
Google API Extensions
The npm package google-gax receives a total of 3,775,938 weekly downloads. As such, google-gax popularity was classified as popular.
We found that google-gax demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
PEP 770 proposes adding SBOM support to Python packages to improve transparency and catch hidden non-Python dependencies that security tools often miss.
Security News
Socket CEO Feross Aboukhadijeh discusses open source security challenges, including zero-day attacks and supply chain risks, on the Cyber Security Council podcast.
Security News
Research
Socket researchers uncover how threat actors weaponize Out-of-Band Application Security Testing (OAST) techniques across the npm, PyPI, and RubyGems ecosystems to exfiltrate sensitive data.