Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Ultra-light (150 LOC, No dependencies) & Ultra-fast request library with reliable retry on failure, http/https, redirects, gzip/deflate/brotli, extensible, proxy, streams, JSON mode, forms, timeout
⭐️⭐️ Ensure your HTTP requests always reach their destination as efficiently as possible! ⭐️⭐️
Tested on Mac, Linux, Windows with NodeJS 16, 18, 19, 20
In most existing libraries (2023):
⚡️ Rock-req solves these problems with only 150 lines of code and zero dependencies
It also supports many features:
simple-get
API (fork source)When the callback is called, the request is 100% finished, even with streams.
Stop using "slow by-default" and "false-light" HTTP request libraries!
Library | NodeJS 16 | NodeJS 18 | NodeJS 20* | Size deps inc. |
---|---|---|---|---|
rock-req 🙋♂️ | 22816 req/s | 21797 req/s | 21964 req/s | 144 LOC |
simple-get | 2937 req/s | 3260 req/s | 21258 req/s | 317 LOC |
axios | 5090 req/s | 4910 req/s | 3196 req/s | 13983 LOC |
got | 2163 req/s | 1762 req/s | 9961 req/s | 9227 LOC |
fetch | 2101 req/s | 2102 req/s | 2020 req/s | 13334 LOC |
request | 2249 req/s | 1869 req/s | 15815 req/s | 46572 LOC |
superagent | 2776 req/s | 2100 req/s | 2895 req/s | 16109 LOC |
phin | 3178 req/s | 1164 req/s | 21299 req/s | 331 LOC |
undici* | 24095 req/s | 24378 req/s | 24191 req/s | 16225 LOC |
NodeJS 20 activates HTTP keep-alive by default, like
rock-req
undici
is a low-level API, faster alternative to the native NodeJS http module. It is the glass ceiling limit for NodeJS.
rock-req
uses only the native NodeJS http module and provides many high-level features, a lot more thanphin
andsimple-get
with fewer lines of code.
Tested on Macbook Pro M1 Max
npm install rock-req
The full documentation is here to reduce Node package file size.
This packaged in maintained by Carbone:
Thank you Feross Aboukhadijeh, creator of simple-get
5.1.3
keepAliveDuration
is used (was 3s by default)FAQs
Ultra-light (150 LOC, No dependencies) & Ultra-fast request library with reliable retry on failure, http/https, redirects, gzip/deflate/brotli, extensible, proxy, streams, JSON mode, forms, timeout
The npm package rock-req receives a total of 538 weekly downloads. As such, rock-req popularity was classified as not popular.
We found that rock-req demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.