npmpackage.info

@env0/http-json-body-parser

🛵 The stylish Node.js middleware engine for AWS Lambda 🛵

1.0.0-alpha.29-reviver-0.2

MIT

JavaScript

3.21 kB

4,606 2.6

Installations

npm install @env0/http-json-body-parser

Developer Guide

BETA

Typescript

No

Module System

N/A

Min. Node Version

>=6.10

Node Version

11.12.0

NPM Version

6.7.0 Score

Supply Chain

96.8

Quality

82.2

Maintenance

100

Vulnerability

100

License

Pull Requests

Open

0

Total

0

Closed

0

Issues

Open

0

Total

0

Closed

0

Releases

Unable to fetch releases

Contributors

Unable to fetch Contributors

View all 1 contributors

Languages

JavaScript

TypeScript

CSS

Shell

JavaScript (89.48%)

TypeScript (5.78%)

CSS (4.71%)

Shell (0.03%)

Developer

env0

Download Statistics

Total Downloads

4,606

Last Day

Last Week

Last Month

Last Year

136

GitHub Statistics

1,380 Commits

1 Watching

1 Branches

1 Contributors

Bundle Size

8.28 kB

Minified

3.21 kB

Minified + Gzipped

Bundlephobia

Maintainers

Package Meta Information

Latest Version

1.0.0-alpha.29-reviver-0.2

Package Id

@env0/http-json-body-parser@1.0.0-alpha.29-reviver-0.2

Unpacked Size

8.67 kB

Size

3.37 kB

File Count

NPM Version

6.7.0

Node Version

11.12.0

Total Downloads

Cumulative downloads

Total Downloads

4,606

Last day

-66.7%

Compared to previous day

Last week

66.7%

Compared to previous week

Last month

140%

Compared to previous month

Last year

-15%

136

Compared to previous year

Daily Downloads

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

@types/http-errors content-type http-errors

Peer Dependencies

@middy/core

Versions

Middy http-json-body-parser middleware

HTTP json body parser middleware for the middy framework, the stylish Node.js middleware engine for AWS Lambda

This middleware automatically parses HTTP requests with a JSON body and converts the body into an object. Also handles gracefully broken JSON as UnprocessableEntity (422 errors) if used in combination with httpErrorHandler.

It can also be used in combination with validator as a prior step to normalize the event body input as an object so that the content can be validated.

Install

To install this middleware you can use NPM:

1npm install --save @middy/http-json-body-parser

Options

This middleware does not have any option

Sample usage

1const middy = require('@middy/core')
2const httpJsonBodyParser = require('@middy/http-json-body-parser')
3
4const handler = middy((event, context, cb) => {
5  cb(null, {})
6})
7
8handler.use(httpJsonBodyParser())
9
10// invokes the handler
11const event = {
12  headers: {
13    'Content-Type': 'application/json'
14  },
15  body: JSON.stringify({foo: 'bar'})
16}
17handler(event, {}, (_, body) => {
18  expect(body).toEqual({foo: 'bar'})
19})

Middy documentation and examples

For more documentation and examples, refers to the main Middy monorepo on GitHub or Middy official website.

Contributing

Everyone is very welcome to contribute to this repository. Feel free to raise issues or to submit Pull Requests.

License

No vulnerabilities found.

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

License

Determines if the project has defined a license.

1

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

Reason

dependency not pinned by hash detected -- score normalized to 1

Details

Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/benchmarks.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/env0/middy/benchmarks.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/benchmarks.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/env0/middy/benchmarks.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/benchmarks.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/env0/middy/benchmarks.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/benchmarks.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/env0/middy/benchmarks.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/env0/middy/lint.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/env0/middy/lint.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/env0/middy/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/env0/middy/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/env0/middy/tests.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/env0/middy/tests.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/typings.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/env0/middy/typings.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/typings.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/env0/middy/typings.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/website-publish.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/env0/middy/website-publish.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/website-publish.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/env0/middy/website-publish.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/website-publish.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/env0/middy/website-publish.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/website-test.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/env0/middy/website-test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/website-test.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/env0/middy/website-test.yml/main?enable=pin
Warn: npmCommand not pinned by hash: .github/workflows/benchmarks.yml:30
Warn: npmCommand not pinned by hash: .github/workflows/benchmarks.yml:33
Warn: npmCommand not pinned by hash: .github/workflows/lint.yml:28
Warn: npmCommand not pinned by hash: .github/workflows/lint.yml:31
Warn: npmCommand not pinned by hash: .github/workflows/release.yml:26
Warn: npmCommand not pinned by hash: .github/workflows/release.yml:34
Warn: npmCommand not pinned by hash: .github/workflows/tests.yml:29
Warn: npmCommand not pinned by hash: .github/workflows/tests.yml:32
Warn: npmCommand not pinned by hash: .github/workflows/typings.yml:28
Warn: npmCommand not pinned by hash: .github/workflows/typings.yml:31
Info: 0 out of 15 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 2 third-party GitHubAction dependencies pinned
Info: 2 out of 12 npmCommand dependencies pinned

0

Maintained

Determines if the project is "actively maintained".

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

0

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

SAST

Determines if the project uses static code analysis.

0

Security-Policy

Determines if the project has published a security policy.

0

Fuzzing

Determines if the project uses fuzzing.

0

Branch-Protection

Determines if the default and release branches are protected with GitHub's branch protection settings.

0

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

Reason

44 existing vulnerabilities detected

Details

Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
Warn: Project is vulnerable to: GHSA-rc47-6667-2j5j
Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22
Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
Warn: Project is vulnerable to: GHSA-j9fq-vwqv-2fm2
Warn: Project is vulnerable to: GHSA-pqw5-jmp5-px4v
Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
Warn: Project is vulnerable to: GHSA-f9xv-q969-pqx4
Warn: Project is vulnerable to: GHSA-776f-qx25-q3cc
Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
Warn: Project is vulnerable to: GHSA-c2jc-4fpr-4vhg
Warn: Project is vulnerable to: GHSA-wf5p-g6vw-rhxx
Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
Warn: Project is vulnerable to: GHSA-mf6x-hrgr-658f
Warn: Project is vulnerable to: GHSA-xrh7-m5pp-39r6
Warn: Project is vulnerable to: GHSA-rv95-896h-c2vc
Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx
Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc
Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp
Warn: Project is vulnerable to: GHSA-pfrx-2q88-qq97
Warn: Project is vulnerable to: GHSA-c7qv-q95q-8v27
Warn: Project is vulnerable to: GHSA-76p3-8jx3-jpfq
Warn: Project is vulnerable to: GHSA-3rfm-jhwj-7488
Warn: Project is vulnerable to: GHSA-hhq3-ff78-jv3g
Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55
Warn: Project is vulnerable to: GHSA-rhx6-c78j-4q9w
Warn: Project is vulnerable to: GHSA-7fh5-64p2-3v2j
Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p
Warn: Project is vulnerable to: GHSA-4wf5-vphf-c2xc
Warn: Project is vulnerable to: GHSA-w5p7-h5w8-2hfq
Warn: Project is vulnerable to: GHSA-fhg7-m89q-25r3
Warn: Project is vulnerable to: GHSA-hc6q-2mpp-qw7j
Warn: Project is vulnerable to: GHSA-4vvj-4cpr-p986
Warn: Project is vulnerable to: GHSA-wr3j-pwj9-hqq6
Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q

Score

2.6

/10

Last Scanned on 2025-02-03

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More