

This module is a Node.js client for Gotify, a simple server for sending and receiving messages.
I needed a Node.js client to get instant notifications on my phone.
The Gotify API for sending a message is really simple: it is basically a POST request to the /message endpoint. This client makes it even easier and more straightforward.
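The POST to /message described above, written out as an added example (not code from the gotify package or its author). It goes slightly beyond the README by putting the application token in the Gotify server's X-Gotify-Key header rather than the URL, and by refusing plain http:// servers such as the one in the usage samples unless the host is loopback. buildGotifyRequest, sendGotify and allowHttp are hypothetical names; sendGotify assumes Node 18+ for the global fetch.

```javascript
// Added example: buildGotifyRequest/sendGotify are hypothetical helpers, not the package's API.
function buildGotifyRequest({ server, app, title, message, priority = 0, extras }, { allowHttp = false } = {}) {
  const base = new URL(server); // throws TypeError on a malformed URL
  const loopback = ["localhost", "127.0.0.1", "[::1]"].includes(base.hostname);
  const httpOk = base.protocol === "http:" && (loopback || allowHttp);
  if (base.protocol !== "https:" && !httpOk) {
    // The app token is a bearer secret; over http it crosses the network in cleartext.
    throw new Error(`refusing to send app token over ${base.protocol}//${base.host}`);
  }
  if (base.username || base.password) {
    throw new Error("credentials embedded in the server URL are not allowed");
  }
  // Printable ASCII only: keeps CR/LF out of the header value.
  if (typeof app !== "string" || !/^[\x21-\x7e]+$/.test(app)) {
    throw new Error("app token must be a non-empty printable ASCII string");
  }
  if (typeof message !== "string" || message.length === 0) {
    throw new Error("message is required");
  }
  if (!Number.isInteger(priority)) {
    throw new Error("priority must be an integer");
  }
  // Keep any sub-path the server is hosted under; drop query string and fragment.
  const url = base.origin + base.pathname.replace(/\/*$/, "/") + "message";
  return {
    url,
    init: {
      method: "POST",
      // Token travels in a header, so it stays out of URLs written to proxy and access logs.
      headers: { "Content-Type": "application/json", "X-Gotify-Key": app },
      body: JSON.stringify({ title, message, priority, extras }),
    },
  };
}

async function sendGotify(msg, opts) {
  const { url, init } = buildGotifyRequest(msg, opts);
  // redirect: "error" stops the token header from following a redirect to another host.
  const res = await fetch(url, { ...init, redirect: "error", signal: AbortSignal.timeout(5000) });
  if (!res.ok) throw new Error(`Gotify returned HTTP ${res.status}`);
  return res.json();
}
```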
See CHANGELOG.md
npm install gotify
const { gotify } = require("gotify");
// TypeScript
// import { gotify } from "gotify";

// Call from inside an async function (CommonJS has no top-level await).
await gotify({
  server: "http://gotify.example.com",
  app: "yourAppToken",
  title: "some title",
  message: "some msg",
  priority: 5,
});
Or, you can instantiate the Gotify class:
const { Gotify } = require("gotify");
// TypeScript
// import { Gotify } from "gotify";

// The server is set once on the client; each send() supplies the app token.
const client = new Gotify({
  server: "http://gotify.example.com",
});
await client.send({
  app: "yourAppToken",
  title: "some title",
  message: "some msg",
  priority: 5,
});
To add message Extras, simply pass them (TypeScript should autocomplete the known extras):
await gotify({
  server: server,
  app: app,
  title: "A Markdown message",
  message: `This is a **message** with the !`,
  priority: 5,
  // Extras are defined here https://gotify.net/docs/msgextras
  extras: {
    // Format message as markdown
    "client::display": {
      contentType: "text/markdown",
    },
    // Opens the URL on notification click.
    "client::notification": {
      click: { url: "https://github.com/gotify" },
    },
    // Opens the URL after the notification was delivered.
    // Only works when the gotify app is in focus (limitation of android)
    "android::action": {
      onReceive: { intentUrl: "https://gotify.net" },
    },
  },
});
Either use gotify() or instantiate new Gotify().
Fields:
server (required): the server you are using, e.g. "http://gotify.example.com"
app (required): this is the application token that you get when creating an application
message (required): the message's title
title (optional): the message's title
priority (optional): the message's priority. On my Android phone, priority>=4 will trigger the notification sound/vibrate, less will just display the notification bubble.
extras (optional): the message's extras as defined in the documentation
markdown: true
Gotify class to not pass it when sending a message
got as a peerDependency and provides example with node-fetch and axios)
FAQs
Gotify JS Client
The npm package gotify receives a total of 374 weekly downloads. As such, gotify popularity was classified as not popular.
We found that gotify demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.