Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
http-problem-details-mapper
Advanced tools
Based on http-problem-details
(repository | npm), this library allows you to map your Node.js errors to HTTP Problem details by convention.
npm install http-problem-details-mapper
or
yarn add http-problem-details-mapper
Make sure to have the peer dependency http-problem-details
installed as well.
http-problem-details-mapper
is part of a set of libraries you can use to create HTTP Problem Details documents (by means of http-problem-details
(RFC 7807) and map Errors (or literally everything) into an HTTP Problem Document.
http-problem-details-mapper
can be used to build a mapping middleware or plugin for your HTTP library of choice.
There's already a mapping middleware available for express
: express-http-problem-details
.
http-problem-details-mapper
provides several classes you need to use:
MapperRegistry
which holds an arbitrary number of ErrorMapper
instances you implementMappingStrategy
which has a MapperRegistry
containing the ErrorMapper
instancesErrorMapper
itself maps an object (typically one of your Error
types) to a ProblemDocument
The typical workflow with http-problem-details-mapper
is this:
First, you implement an Error
class NotFoundError extends Error {
constructor (options) {
const { type, id } = options
super()
Error.captureStackTrace(this, this.constructor)
this.message = `${type} with id ${id} could not be found.`
}
}
Next, you implement an ErrorMapper
(in TypeScript you can use an IErrorMapper
interface to implement a mapper from scratch):
import { ErrorMapper } from 'http-problem-details-mapper'
import { ProblemDocument } from 'http-problem-details'
class NotFoundErrorMapper extends ErrorMapper {
constructor () {
super(NotFoundError)
}
mapError (error) {
return new ProblemDocument({
status: 404,
title: error.message,
type: 'http://tempuri.org/NotFoundError'
})
}
}
Then, create the IMappingStrategy
implementation:
class MyMappingStrategy {
constructor (registry) {
this.registry = registry
}
map (error) {
const err = error
const errorMapper = this.registry.getMapper(error)
if (errorMapper) {
return errorMapper.mapError(err)
}
// alternatively, return a generic problem document
throw new Error('Could not map error')
}
}
Finally, create an instance of MyMappingStrategy
and map an registered error type.
import { MapperRegistry } from 'http-problem-details-mapper'
const strategy = new MyMappingStrategy(
new MapperRegistry()
.registerMapper(new NotFoundErrorMapper()))
const error = new NotFoundError({ type: 'customer', id: '123' })
const problem = strategy.map()
console.log(problem)
The result will be like this:
{
"status": 404,
"title": "customer with id 123 could not be found.",
"type": "http://tempuri.org/NotFoundError"
}
MapperRegistry
also by default has a mapper named DefaultErrorMapper
which maps generic Error
instances to HTTP status code 500 problem documents. MapperRegistry
also has an option useDefaultErrorMapper
of type boolean
which allows you to disable the DefaultErrorMapper
so you can register your own IErrorMapper
for Error
.
There's another mapper named StatusCodeErrorMapper
which simply acts as a factory for ProblemDocuments
where you only want to provide an HTTP error status code:
import { StatusCodeErrorMapper } from 'http-problem-details-mapper'
const problem = StatusCodeErrorMapper.mapStatusCode(400)
Similar to the DefaultErrorMapper
there's also a DefaultMappingStrategy
which you can use if you have no specific requirements regarding the mapping behavior.
It can be used like this:
import { MapperRegistry, DefaultMappingStrategy } from 'http-problem-details-mapper'
const strategy = new DefaultMappingStrategy(
new MapperRegistry()
.registerMapper(new NotFoundErrorMapper()))
const error = new NotFoundError({ type: 'customer', id: '123' })
const problem = strategy.map()
console.log(problem)
npm test
or
yarn test
This project is just getting off the ground and could use some help with cleaning things up and refactoring.
If you want to contribute - we'd love it! Just open an issue to work against so you get full credit for your fork. You can open the issue first so we can discuss and you can work your fork as we go along.
If you see a bug, please be so kind as to show how it's failing, and we'll do our best to get it fixed quickly.
Before sending a PR, please create an issue to introduce your idea and have a reference for your PR.
We're using conventional commits, so please use it for your commits as well.
Also please add tests and make sure to run npm run lint-ts
or yarn lint-ts
.
MIT License
Copyright (c) 2019 PDMLab
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
FAQs
Mapper functions for http-problem-details
We found that http-problem-details-mapper demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.