Research
2025 Report: Destructive Malware in Open Source Packages
Destructive malware is rising across open source registries, using delays and kill switches to wipe code, break builds, and disrupt CI/CD.
By Kush Pandya - Dec 24, 2025
hs-fetch
**hs-fetch** is a TypeScript-based HTTP client library offering features like token management, retry logic, and timeout settings. It is designed to integrate seamlessly with frameworks like Next.js 14, supporting modern server and client-side rendering u
hs-fetch
hs-fetch is a TypeScript-based HTTP client library offering features like token management, retry logic, and timeout settings. It is designed to integrate seamlessly with frameworks like Next.js 14, supporting modern server and client-side rendering use cases.
Note: Comprehensive E2E testing has been conducted using Cypress to ensure reliability and stability across various scenarios.
Key Features
- Token Management: Automatically checks for token expiration and refreshes tokens as needed. Handles multiple requests in a queue during token refresh, ensuring only one refresh occurs at a time.
- Retry Logic: Retries requests on failure for a specified number of times, with configurable delay intervals. Manages
401 Unauthorizedresponses with a limit to prevent infinite loops. - Timeout Handling: Allows setting timeouts for requests, canceling them if the response takes too long.
- Hooks Support: Provides hooks for custom logic before and after requests.
- Next.js Integration: Options like
revalidateandtagsfor compatibility with Next.js ISR (Incremental Static Regeneration).
Installation
npm install hs-fetch
Usage Example
import Api from "hs-fetch";
// Create an API instance
const api = new Api({
baseUrl: "https://api.example.com",
getToken: () => localStorage.getItem("token"),
onRefreshToken: async () => {
// Implement token refresh logic
},
onRefreshTokenFailed: () => {
// Handle token refresh failure
},
authorizationType: "Bearer",
});
// Example GET request
const fetchData = async () => {
try {
const data = await api.get({
url: "/data",
query: { page: 1 },
revalidate: 60, // ISR revalidation
tags: ["data"], // ISR tags
});
console.log(data);
} catch (error) {
console.error("Error fetching data:", error);
}
};
// Example POST request
const postData = async () => {
try {
const response = await api.post({
url: "/data",
body: { name: "John Doe" },
onSuccess: (data) => {
console.log("Data posted successfully:", data);
},
onError: (error) => {
console.error("Error posting data:", error);
},
});
} catch (error) {
console.error("Error posting data:", error);
}
};
API Reference
Api Class
The Api class manages HTTP requests, handles token refresh, and implements retry logic.
Constructor
constructor(config: Partial<ApiConfig>)
Methods
get<T>(options: FetchOptions<T>): Promise<T>
post<T>(options: FetchOptions<T>): Promise<T>
put<T>(options: FetchOptions<T>): Promise<T>
patch<T>(options: FetchOptions<T>): Promise<T>
delete<T>(options: FetchOptions<T>): Promise<T>
These methods perform HTTP requests for their respective verbs, using FetchOptions for configuration.
FetchOptions Interface
FetchOptions allows you to customize your requests with various options.
interface FetchOptions<T = unknown> {
method?: string;
body?: T;
query?: Record<string, unknown>;
url: string;
headers?: Record<string, string>;
revalidate?: number;
tags?: string[];
retryCount?: number;
retryDelay?: number;
timeout?: number;
onSuccess?: (data: T) => void;
onError?: (error: Error) => void;
beforeRequest?: (url: string, options: RequestInit) => void;
afterResponse?: (response: Response) => void;
useToken?: boolean;
}
FAQs
**hs-fetch** is a TypeScript-based HTTP client library offering features like token management, retry logic, and timeout settings. It is designed to integrate seamlessly with frameworks like Next.js 14, supporting modern server and client-side rendering u
We found that hs-fetch demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Package last updated on 19 Jan 2025
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Engineering with AI Podcast: The Promise of AI-First Development
Socket CTO Ahmad Nassri shares practical AI coding techniques, tools, and team workflows, plus what still feels noisy and why shipping remains human-led.
By Sarah Gooding - Dec 24, 2025
Research
/Security News
Spearphishing Campaign Abuses npm Registry to Target U.S. and Allied Manufacturing and Healthcare Organizations
A five-month operation turned 27 npm packages into durable hosting for browser-run lures that mimic document-sharing portals and Microsoft sign-in, targeting 25 organizations across manufacturing, industrial automation, plastics, and healthcare for credential theft.
By Nicholas Anderson, Kirill Boychenko - Dec 23, 2025