Security News
Introducing the Socket Python SDK
The initial version of the Socket Python SDK is now on PyPI, enabling developers to more easily interact with the Socket REST API in Python projects.
itty-router
Advanced tools
A tiny, zero-dependency router, designed to make beautiful APIs in any environment.
Itty is arguably the smallest (~450 bytes) feature-rich JavaScript router available, while enabling dead-simple API code.
Designed originally for Cloudflare Workers, itty can be used in browsers, service workers, edge functions, or runtimes like Node, Bun, etc.!
Complete API documentation is available at itty.dev/itty-router, or join our Discord channel to chat with community members for quick help!
npm install itty-router
import {
error, // creates error responses
json, // creates JSON responses
Router, // the ~440 byte router itself
withParams, // middleware: puts params directly on the Request
} from 'itty-router'
import { todos } from './external/todos'
// create a new Router
const router = Router()
router
// add some middleware upstream on all routes
.all('*', withParams)
// GET list of todos
.get('/todos', () => todos)
// GET single todo, by ID
.get(
'/todos/:id',
({ id }) => todos.getById(id) || error(404, 'That todo was not found')
)
// 404 for everything else
.all('*', () => error(404))
// Example: Cloudflare Worker module syntax
export default {
fetch: (request, ...args) =>
router
.handle(request, ...args)
.then(json) // send as JSON
.catch(error), // catch errors
}
Itty does a few things very differently from other routers. This allows itty route code to be shorter and more intuitive than most!
In itty, you simply return (anything) to exit the flow. If any handler ever returns a thing, that's what the router.handle
returns. If it doesn't, it's considered middleware, and the next handler is called.
That's it!
// not middleware: any handler that returns (anything at all)
(request) => [1, 4, 5, 1]
// middleware: simply doesn't return
const withUser = (request) => {
request.user = 'Halsey'
}
// a middleware that *might* return
const onlyHalsey = (request) => {
if (request.user !== 'Halsey') {
return error(403, 'Only Halsey is allowed to see this!')
}
}
// uses middleware, then returns something
route.get('/secure', withUser, onlyHalsey,
({ user }) => `Hey, ${user} - welcome back!`
)
We've been stuck in this pattern for over a decade. Almost every router still expects you to build and return a Response... in every single route.
We think you should be able to do that once, at the end. In most modern APIs for instance, we're serving JSON in the majority of our routes. So why handle that more than once?
router
// we can still do it the manual way
.get('/traditional', (request) => json([1, 2, 3]))
// or defer to later
.get('/easy-mode', (request) => [1, 2, 3])
// later, when handling a request
router
.handle(request)
.then(json) // we can turn any non-Response into valid JSON.
We await
every handler, looking for a return value. If we get one, we break the flow and return your value. If we don't, we continue processing handlers/routes until we do. This means that every handler can either be synchronous or async - it's all the same.
When paired with the fact that we can simply return raw data and transform it later, this is AWESOME for working with async APIs, database layers, etc. We don't need to transform anything at the route, we can simply return the Promise (to data) itself!
Check this out:
import { myDatabase } from './somewhere'
router
// assumes getItems() returns a Promise to some data
.get('/items', () => myDatabase.getItems())
// later, when handling a request
router
.handle(request)
.then(json) // we can turn any non-Response into valid JSON.
We only require one argument in itty - a Request-like object with the following shape: { url, method }
(usually a native Request). Because itty is not opinionated about Response creation, there is not "response" argument built in. Every other argument you pass to route.handle
is given to each handler, in the same order.
This makes itty one of the most platform-agnostic routers, period, as it's able to match up to any platform's signature.
Here's an example using Cloudflare Worker arguments:
router
.get('/my-route', (request, environment, context) => {
// we can access anything here that was passed to `router.handle`.
})
// Cloudflare gives us 3 arguments: request, environment, and context.
// Passing them to `route.handle` gives every route handler (above) access to each.
export default {
fetch: (request, env, ctx) => router
.handle(request, env, ctx)
.then(json)
.catch(error)
}
Have a question? Suggestion? Complaint? Want to send a gift basket?
Join us on Discord!
yarn
yarn dev
These folks are the real heroes, making open source the powerhouse that it is! Help out and get your name added to this list! <3
FAQs
A tiny, zero-dependency router, designed to make beautiful APIs in any environment.
The npm package itty-router receives a total of 34,053 weekly downloads. As such, itty-router popularity was classified as popular.
We found that itty-router demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
The initial version of the Socket Python SDK is now on PyPI, enabling developers to more easily interact with the Socket REST API in Python projects.
Security News
Floating dependency ranges in npm can introduce instability and security risks into your project by allowing unverified or incompatible versions to be installed automatically, leading to unpredictable behavior and potential conflicts.
Security News
A new Rust RFC proposes "Trusted Publishing" for Crates.io, introducing short-lived access tokens via OIDC to improve security and reduce risks associated with long-lived API tokens.