Security News
NVD Backlog Tops 20,000 CVEs Awaiting Analysis as NIST Prepares System Updates
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
#minreq A minimalistic request library for node.
##How? npm install minreq
##Why?
The most common library used to perform http(s)-requests in node is request. While it works, it has a lot of features that aren't needed in most cases (eg. cookies, oauth). Besides, the code isn't as fast as it can be. This project is intended to replace request
in cases where it's simply too heavy.
##What? ###Features
request
like apirequest
is a giant)Stream#pipe
is supported)###Options
uri
: Object that's passed to http(s).request (as described here)followRedirect
: Boolean that indicates whether redirects should be followedmaxRedirects
: int with the maximum number of redirects (defaults to 10)body
: that data that should be passed to the requestencoding
: the encoding that all data should use (the body will always be a string)timeout
: a request times out if it passes this limit. Defaults to 10000 (read: 10 seconds)only2xx
: only permit status codes >= 200 and < 300 (otherwise, throw an error)###TODO
FAQs
minimalistic request library
The npm package minreq receives a total of 7,833 weekly downloads. As such, minreq popularity was classified as popular.
We found that minreq demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.
Security News
PyPI now supports digital attestations, enhancing security and trust by allowing package maintainers to verify the authenticity of Python packages.