Security News
Crates.io Implements Trusted Publishing Support
Crates.io adds Trusted Publishing support, enabling secure GitHub Actions-based crate releases without long-lived API tokens.
By Sarah Gooding - Jul 16, 2025
You're Invited:Meet the Socket Team at BlackHat and DEF CON in Las Vegas, Aug 4-6.RSVP →
xray-client-js
Advanced tools
xray-client-js
Xray Javascript Client is a javascript library, which wraps some of the REST APIs exposed by JFrog Xray.
Xray Javascript Client
Xray Javascript Client is a Javascript library, which wraps some of the REST APIs exposed by JFrog Xray.
Getting started
Add xray-client-js as a dependency to your package.json file:
"dependencies": {
"xray-client-js": "^1.0.0"
}
APIs
Setting up Xray client
let xrayClient = new XrayClient({
serverUrl: 'ArtifactoryUrl',
username: 'username',
password: 'password',
proxy: {host: '<organization>-xray.jfrog.io', port: 80, protocol: 'https'},
headers: { 'key1': 'value1', 'key2': 'value2' };
});
Pinging Xray
xrayClient.system().ping()
.then(result => {
console.log(result);
})
.catch(error => {
console.error(error);
});
Getting Xray version
xrayClient.system().version()
.then(result => {
console.log(result);
})
.catch(error => {
console.error(error);
});
Scanning bulk of dependencies
let express = new ComponentDetails('npm://express:4.0.0');
let request = new ComponentDetails('npm://request:2.0.0');
xrayClient.summary().component({
component_details: [express, request]
})
.then(result => {
console.log(JSON.stringify(result));
})
.catch(error => {
console.error(error);
});
Building and testing the sources
To build the plugin sources, please follow these steps:
-
Clone the code from git.
-
Install and pack the xray-client-js dependency locally, by running the following npm commands:
npm i && npm pack
If you'd like run the xray-client-js integration tests, follow these steps:
- Make sure your Xray instance is up and running.
- Set the CLIENTTESTS_XRAY_URL, CLIENTTESTS_XRAY_USERNAME and CLIENTTESTS_XRAY_PASSWORD environment variables with your Xray URL, username and password.
- Run the following command:
npm t
Important: The tests use port 9090 to set up an HTTP proxy server. If this port is already used on the machines which runs the tests, please replace it in the tests code with a different port.
Pull requests
We welcome pull requests from the community.
Guidelines
- Before creating your first pull request, please join our contributors community by signing JFrog's CLA.
- If the existing tests do not already cover your changes, please add tests.
- Pull requests should be created on the dev branch.
- Please run
npm run formatfor formatting the code before submitting the pull request.
FAQs
Xray Javascript Client is a javascript library, which wraps some of the REST APIs exposed by JFrog Xray.
We found that xray-client-js demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 30 Dec 2020
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
/Security News
Tracking Protestware Spread: 28 npm Packages Affected by Payload Targeting Russian-Language Users
Undocumented protestware found in 28 npm packages disrupts UI for Russian-language users visiting Russian and Belarusian domains.
By Olivia Brown - Jul 15, 2025
Research
/Security News
Contagious Interview Campaign Escalates With 67 Malicious npm Packages and New Malware Loader
North Korean threat actors deploy 67 malicious npm packages using the newly discovered XORIndex malware loader.
By Kirill Boychenko - Jul 14, 2025