Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
swagger-client
Advanced tools
The swagger-client npm package is a JavaScript client for Swagger/OpenAPI specifications. It allows you to interact with APIs described by Swagger/OpenAPI documents, making it easier to consume and interact with RESTful services.
Initialize Client
This feature allows you to initialize a Swagger client by providing the URL to the Swagger/OpenAPI specification. The client can then be used to interact with the API described by the specification.
const Swagger = require('swagger-client');
const client = new Swagger({ url: 'http://petstore.swagger.io/v2/swagger.json' });
Make API Calls
This feature allows you to make API calls using the initialized client. In this example, the client is used to call the 'getPetById' operation from the Petstore API.
client.then(client => {
client.apis.pet.getPetById({ petId: 1 }).then(response => {
console.log(response);
});
});
Handle Authentication
This feature allows you to handle authentication by providing authorization details when initializing the client. In this example, an API key is provided for authentication.
const client = new Swagger({
url: 'http://petstore.swagger.io/v2/swagger.json',
authorizations: {
api_key: new Swagger.ApiKeyAuthorization('api_key', 'YOUR_API_KEY', 'query')
}
});
Axios is a promise-based HTTP client for the browser and Node.js. While it does not specifically target Swagger/OpenAPI specifications, it can be used to make HTTP requests to any API. Compared to swagger-client, axios is more general-purpose and does not provide built-in support for Swagger/OpenAPI documents.
openapi-client-axios is a package that combines the capabilities of Axios with OpenAPI specifications. It allows you to generate an Axios client from an OpenAPI document, similar to swagger-client. However, it leverages Axios for making HTTP requests, providing a more flexible and widely-used HTTP client.
swagger-js is another JavaScript client for Swagger/OpenAPI specifications. It provides similar functionality to swagger-client, allowing you to interact with APIs described by Swagger/OpenAPI documents. The main difference is in the implementation and API design, but both packages serve the same purpose.
Swagger Client is a JavaScript module that allows you to fetch, resolve, and interact with Swagger/OpenAPI documents.
This is the new version of swagger-js, 3.x. The new version supports Swagger 2.0 as well as OpenAPI 3.
Want to learn more? Check out our FAQ.
For features known to be missing from 3.x please see the Graveyard.
For the older version of swagger-js, refer to the 2.x branch.
The npm package is called
swagger-client
and the GitHub repository isswagger-js
. We'll be consolidating that soon. Just giving you the heads-up. You may see references to both names.
The OpenAPI Specification has undergone multiple revisions since initial creation in 2010. Compatibility between Swagger Client and the OpenAPI Specification is as follows:
Swagger Client Version | Release Date | OpenAPI Spec compatibility | Notes |
---|---|---|---|
3.19.x | 2023-01-23 | 2.0, 3.0.0, 3.0.1, 3.0.2, 3.0.3, 3.1.0 | tag v3.19.0-alpha.3 |
3.10.x | 2020-01-17 | 2.0, 3.0.0, 3.0.1, 3.0.2, 3.0.3 | tag v3.10.0 |
2.1.32 | 2017-01-12 | 1.0, 1.1, 1.2 | tag v2.1.32. This release is only available on GitHub. |
Swagger Client uses Scarf to collect anonymized installation analytics. These analytics help support the maintainers of this library and ONLY run during installation. To opt out, you can set the scafeSettings.enabled
field to false
in your project's package.json
:
// package.json
{
// ...
"scarfSettings": {
"enabled": false
}
// ...
}
Alternatively, you can set the environment variable SCARF_ANALYTICS
to false
as part of the environment that installs your npm packages, e.g., SCARF_ANALYTICS=false npm install
.
swagger-client
requires Node.js >=12.20.0
and uses different fetch
implementation depending
on Node.js version.
>=12.20.0 <18
- node-fetch@3>=18
- native Node.js fetchNOTE: swagger-client minimum Node.js runtime version aligns with Node.js Releases which means that we can drop support for EOL (End Of Life) Node.js versions without doing major version bump.
swagger-client
works in the latest versions of Chrome, Safari, Firefox, and Edge
and uses native fetch implementation
provided by each supported browser.
Please disclose any security-related issues or vulnerabilities by emailing security@swagger.io, instead of using the public issue tracker.
FAQs
SwaggerJS - a collection of interfaces for OAI specs
The npm package swagger-client receives a total of 337,567 weekly downloads. As such, swagger-client popularity was classified as popular.
We found that swagger-client demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.