Security News
New Python Packaging Proposal Aims to Solve Phantom Dependency Problem with SBOMs
PEP 770 proposes adding SBOM support to Python packages to improve transparency and catch hidden non-Python dependencies that security tools often miss.
grpc-caller
Advanced tools
An improved gRPC client.
$ npm install grpc-caller
Works as standard gRPC client:
const caller = require('grpc-caller')
const PROTO_PATH = path.resolve(__dirname, './protos/helloworld.proto')
const client = caller('0.0.0.0:50051', PROTO_PATH, 'Greeter')
client.sayHello({ name: 'Bob' }, (err, res) => {
console.log(res)
})
For request / response calls, also promisified if callback is not provided:
client.sayHello({ name: 'Bob' })
.then(res => console.log(res))
Which means means you can use is with async / await
const res = await client.sayHello({ name: 'Bob' })
console.log(res)
Lets say we have a remote call writeStuff
that accepts a stream of messages
and returns some result based on processing of the stream input.
Works as standard gRPC client:
const call = client.writeStuff((err, res) => {
if (err) console.error(err)
console.log(res)
})
// ... write stuff to call
If no callback is provided we promisify the call such that it returns an object
with two properties call
and res
such that:
call
- the standard stream to write to as returned normally by grpcres
- a promise that's resolved / rejected when the call is finished, in place of the callback.Using destructuring we can do something like:
const { call, res } = client.writeStuff()
res
.then(res => console.log(res))
.catch(err => console.error(err))
// ... write stuff to call
This means we can abstract the whole operation into a nicer promise returning
async function to use with async / await
async function writeStuff() {
const { call, res } = client.writeStuff()
// ... write stuff to call
return res
}
const res = await writeStuff()
console.log(res)
Metadata
creationAll standard gRPC client calls accept Metadata
as first or second parameter (depending on the call type). However one has to
manually create the Metadata object. This module uses
grpc-create-metadata
to automatically create Metadata if plain Javascript object is passed in.
// the 2nd parameter will automatically be converted to gRPC Metadata and
// included in the request
const res = await client.sayHello({ name: 'Bob' }, { requestid: 'my-request-id-123' })
console.log(res)
We can still pass an actual Metadata
object and it will be used as is:
const meta = new grpc.Metadata()
meta.add('requestid', 'my-request-id-123')
const res = await client.sayHello({ name: 'Bob' }, meta)
console.log(res)
Object
Create client isntance.
Kind: global function
Param | Type | Description |
---|---|---|
host | String | The host to connect to |
proto | String | Object | Path to the protocol buffer definition file or the static client constructor object itself |
name | String | In case of proto path the name of the service as defined in the proto definition. |
options | Object | Options to be passed to the gRPC client constructor |
Example (Create client dynamically)
const PROTO_PATH = path.resolve(__dirname, './protos/helloworld.proto')
const client = caller('localhost:50051', PROTO_PATH, 'Greeter')
Example (Create a static client)
const services = require('./static/helloworld_grpc_pb')
const client = caller('localhost:50051', services.GreeterClient)
Utility helper function to create Metadata
object from plain Javascript object.
See grpc-create-metadata
module.
Kind: static property of caller
Apache-2.0
FAQs
An improved Node.js gRPC client
The npm package grpc-caller receives a total of 3,583 weekly downloads. As such, grpc-caller popularity was classified as popular.
We found that grpc-caller demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
PEP 770 proposes adding SBOM support to Python packages to improve transparency and catch hidden non-Python dependencies that security tools often miss.
Security News
Socket CEO Feross Aboukhadijeh discusses open source security challenges, including zero-day attacks and supply chain risks, on the Cyber Security Council podcast.
Security News
Research
Socket researchers uncover how threat actors weaponize Out-of-Band Application Security Testing (OAST) techniques across the npm, PyPI, and RubyGems ecosystems to exfiltrate sensitive data.