Installations
npm install @hisorange/circuitDeveloper Guide
Typescript
No
Module System
CommonJS
Score
63.8
Supply Chain
97.5
Quality
74.9
Maintenance
25
Vulnerability
98.9
License
Releases
Contributors
Unable to fetch Contributors
Languages
TypeScript (97.65%)
JavaScript (2.35%)
Developer
Download Statistics
Total Downloads
4,833
Last Day
6
Last Week
10
Last Month
59
Last Year
519
GitHub Statistics
3 Stars
100 Commits
2 Watching
3 Branches
1 Contributors
Bundle Size
27.58 kB
Minified
7.14 kB
Minified + Gzipped
Maintainers
Package Meta Information
Latest Version
0.4.2
Package Id
@hisorange/circuit@0.4.2
Unpacked Size
63.72 kB
Size
16.57 kB
File Count
87
Publised On
20 Jul 2023
Total Downloads
Cumulative downloads
Total Downloads
4,833
Last day
50%
6
Compared to previous day
Last week
-72.2%
10
Compared to previous week
Last month
-6.3%
59
Compared to previous month
Last year
-56.3%
519
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
2
Dev Dependencies
6
Optional Dependencies
1
Circuit - Versatile Messaging Solution written in Typescript
Easy to use package to manage asynchronous messaging through multiple medium. Supports the most common publish / subscribe, and RPC (Remote Procedure Call) methodologies.
Why should you use it? Because it's built for progression!
It's written for projects where the transporting medium will change overtime; There are solutions with support a single medium and all of it's advantages.
But as far as we aware, most of the project starts small and hopefully they grow requirements over time, so it would be utmost wasteful to start your micro application on a high throughput messaging medium like kafka.
Out of the box the package starts with a simple in-memory transport, with this you can kickstart your project without external requirements. And as time goes you can easily upgrade to better transports like redis, amqp, etc... with just a single line of code, so no need for refactoring!
Getting Started
1npm i @hisorange/circuit 2# or 3yarn add @hisorange/circuit
Example: Remote Procedure Call
1// Initialize your transport driver 2const transport = new IoRedisTransport(); 3 4// Initialize the nodes (different machines IRL) 5const node1 = new Circuit('node1', transport); 6const node2 = new Circuit('node2', transport); 7 8// Estabilize the connections 9await node1.connect(); 10await node2.connect(); 11 12// Create a responder 13await node1.respond<SumAction>('sum' (msg) => msg.content.a + msg.content.b); 14 15// Request the responder to execute the call 16assert(await node2.request<SumAction>('sum', { a: 2, b: 2}) === 4);
Request options
| Key | Default | Description |
|---|---|---|
| ttl | 60000 | Maximum wait time before the message is ignored |
Response options
| Key | Default | Description |
|---|---|---|
| concurrency | Infinity | Maximum concurrent execution |
Example: Publish / Subscribe
1const node = new Circuit(); 2 3// Simply publish the event you want to broadcast 4node.publish<UserCreatedEvent>('user.created', user); 5 6// And receive it on every listening node ^.^ 7node.subscribe<UserCreatedEvent>('user.created', sendWelcomeEmailToUser);
Technicalities
TypeScript: Everything is written in typescript from the get go, so You can have the best DX possible :)
Response Routing: When You are using the RPC request/respond model, the package manages the responses on a single channel to reduce the load on the messaging queue, with this small solution the queue does not have to open and close channels on every single RPC call.
Network Mapping: Before You send a request the circuit checks if there is anyone to serve it, this helps to prevent hanging requests. Each circuits on the network communicates their services to every other circuit, so the requests can be routed to specific actors.
Supported Transport Mediums
| Transport | Dependency | Support | Notes |
|---|---|---|---|
| InMemory | - | ✓ | Emulates an external queue's behavior |
| Redis | ioredis | ✓ | Excellent for smaller installations |
| RabbitMQ | amqplib | Coming Soon | Purpose designed messaging platform |
| NATS | - | Coming Soon | Fast and small messaging platform |
| Kafka | - | - | High throughput scalable solution |
Links
What's with the weird name?
This package is part of a theme where I am trying to reuse the hardware namings in code and let the programers build on familiar known solutions. The circuit represents the circuit board similar to what we have on a PCB the listeners connect to lines and the board is simply handling the connections between them.
Changelog
Track changes in the Changelog
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
6 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-7qqq-gh2f-wq76
- Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/ci.yml:1
- Info: no jobLevel write permissions found
Reason
Found 0/18 approved changesets -- score normalized to 0
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:133: update your workflow using https://app.stepsecurity.io/secureworkflow/hisorange/circuit/ci.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:136: update your workflow using https://app.stepsecurity.io/secureworkflow/hisorange/circuit/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/hisorange/circuit/ci.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/hisorange/circuit/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/hisorange/circuit/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/hisorange/circuit/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:78: update your workflow using https://app.stepsecurity.io/secureworkflow/hisorange/circuit/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:81: update your workflow using https://app.stepsecurity.io/secureworkflow/hisorange/circuit/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:88: update your workflow using https://app.stepsecurity.io/secureworkflow/hisorange/circuit/ci.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:101: update your workflow using https://app.stepsecurity.io/secureworkflow/hisorange/circuit/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:108: update your workflow using https://app.stepsecurity.io/secureworkflow/hisorange/circuit/ci.yml/main?enable=pin
- Info: 0 out of 8 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 3 third-party GitHubAction dependencies pinned
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'main'
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 13 are checked with a SAST tool
Score
2.9
/10
Last Scanned on 2025-01-27
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More