Gathering detailed insights and metrics for @justeat/f-http
Gathering detailed insights and metrics for @justeat/f-http
Installations
npm install @justeat/f-httpDeveloper Guide
BETA
Typescript
No
Module System
CommonJS
Min. Node Version
>=14
Node Version
20.12.2
NPM Version
lerna/3.22.1/node@v20.12.2+x64 (linux)
Score
69.2
Supply Chain
98.6
Quality
84.5
Maintenance
100
Vulnerability
100
License
Releases
356
core-analytics@1.21.0
core-analytics@1.21.0
Published on 11 Jul 2023
f-header@v10.15.0
f-header@v10.15.0
Published on 26 Jun 2023
f-registration@3.8.0
f-registration@3.8.0
Published on 28 Oct 2022
f-registration@3.7.2
f-registration@3.7.2
Published on 21 Oct 2022
f-error-message@2.3.0
f-error-message@2.3.0
Published on 03 Oct 2022
f-header@10.7.0
f-header@10.7.0
Published on 13 Sept 2022
Contributors
78
Unable to fetch Contributors
Languages
8
JavaScript
Vue
SCSS
MDX
HTML
CSS
Handlebars
Shell
JavaScript (73.55%)
Vue (17.7%)
SCSS (5.65%)
MDX (2.88%)
HTML (0.19%)
CSS (0.01%)
Handlebars (0.01%)
Developer
Download Statistics
Total Downloads
13,265
Last Day
1
Last Week
1
Last Month
5
Last Year
2,210
GitHub Statistics
16 Stars
1,971 Commits
38 Forks
32 Watching
271 Branches
78 Contributors
Bundle Size
32.16 kB
Minified
11.19 kB
Minified + Gzipped
Maintainers
29
Package Meta Information
Latest Version
1.1.1
Package Id
@justeat/f-http@1.1.1
Unpacked Size
407.12 kB
Size
110.07 kB
File Count
8
NPM Version
lerna/3.22.1/node@v20.12.2+x64 (linux)
Node Version
20.12.2
Publised On
29 Apr 2024
Total Downloads
Cumulative downloads
Total Downloads
13,265
Last day
0%
1
Compared to previous day
Last week
-75%
1
Compared to previous week
Last month
-90.7%
5
Compared to previous month
Last year
167.6%
2,210
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
2
Versions
f-http
Javascript HTTP client for interacting with restful services
This package exposes methods for interacting with restful services, it may abstract any number of popular NPM packages which provide the ability to perform GET, PUT, POST, PATH, DELETE requests; while also adding some additional benefits.
Benefits (Now)
- Easy configuration of reusable clients which can be retrieved from context
- Enables us to switch to alternative HTTP packages when desired
- Sensible defaults, with the ability to override everything
- Ability to set authorisation tokens for all requests for specific clients
- Ability to automatically collect stats showing how long real API calls take
Benefits (Soon)
- Opt-in ability to use dynamic timeouts
Usage
Installation
Install the module using npm or Yarn
1yarn add @justeat/f-http
Initialisation
Ideally the package should be initialised by your website and the httpClient placed in context or a prototype, rather than initialising it in each individual component or every time you make a request.
Initialise an httpClient
1import httpModule from '@justeat/f-http'; 2 3const options = { // Options are described later 4 baseUrl: 'https://jsonplaceholder.typicode.com' 5}; 6 7// Optional: Implement wrapper using cookie tech you have available 8// Enables conversation ID to be automatically provided with requests 9const getCookieFunction = cookieName => app.$cookies.get(cookieName); 10 11const httpClient = new httpModule.CreateClient(options, getCookieFunction); 12 13// WHEN: Using a Nuxt Plugin 14inject('http', httpClient); 15 16// WHEN: Using Vue CLI 17Vue.prototype.$http = httpClient;
Basic Usage
Recommended: Using the prototype (Vue) or context (Nuxt). You can access $http in components, or anywhere the context is available including vuex modules.
1export default { 2 data () { 3 return { 4 apiResult: null 5 } 6 }, 7 async mounted () { 8 this.apiResult = await this.$http.get('/todos/1'); 9 } 10}
Alternative Implementation
If you would rather create the HTTPClient when you use it, that's fine too; it just means it can't be reused as easily and you will need to filter the configuration options down to the component.
1export default { 2 async mounted () { 3 const configuration = { // Options are described later 4 baseUrl: 'https://jsonplaceholder.typicode.com' 5 }; 6 7 const httpClient = new httpModule.CreateClient(configuration); 8 9 const result = await httpClient.get('/todos/1'); 10 } 11}
Setting Authorisation Token
You can globally set the authorisation token so that all requests provide it
1// Some event happened that means we now have a token 2export default { 3 mounted () { 4 this.$http.setAuthorisationToken('my token'); 5 } 6}
Unit Testing Guidance
Because $http exists in context, it should be really easy to mock it in any way you want. Check out the example below
1const wrapper = mount(MyComponent, { 2 mocks: { 3 $http: { 4 get: jest.fn() 5 } 6 } 7});
Integration / System Testing Guidance
The module exposes a way to create a MockClient, so you can mock the underlying API with pre-configured responses.
1import { httpVerbs, MockFactory, CreateClient } from '@justeat/f-http'; 2 3const mockFactory = new MockFactory(); 4const httpClient = new CreateClient(); 5 6const wrapper = mount(MyComponent, { 7 mocks: { 8 $http: httpClient 9 } 10}); 11 12// Reset all previously configured responses 13mockFactory.reset(); 14 15// Setup a fake response 16mockFactory.setupMockResponse(httpVerbs.POST, '/URL', REQUEST_DATA, 201);
Parameters
None of these parameters are required, but using them enables you to customise your http client
| Option | Description | Type | Default |
|---|---|---|---|
| options | An object containing options you wish to override (see below) | object | {} |
| getCookieFunction | Wrapper function providing ability to read cookies | function | null |
| statisticsClient | Instance of f-statistics to capture dependency timings | object | null |
Options
All options are optional, you don't need to specify any overrides if you are happy with the default values
| Option | Description | Type | Default |
|---|---|---|---|
| baseUrl | Ensure all requests from this client use a relative url | string | '' |
| timeout | How long each request takes to timeout | number | 10000 |
| errorCallback | A function you can use to globally handle errors (accepts error object) | function | null |
| contentType | Specify a value for the content type header | string | 'application/json' |
Client Methods
These are all of the methods exposed by the httpClient
| Method | Description | Parameters |
|---|---|---|
| get | GET a resource | resource URL [string], headers [array] |
| post | POST a resource | resource URL [string], body [object], headers [array] |
| put | PUT a resource | resource URL [string], body [object], headers [array] |
| patch | PATCH a resource | resource URL [string], body [object], headers [array] |
| delete | DELETE a resource | resource URL [string], headers [array] |
| setAuthorisationToken | Set the authorisation token for all requests | authorisationToken [string] |
| readConfiguration | Returns the provided options | None |
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
Found 27/30 approved changesets -- score normalized to 9
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Warn: project license file does not contain an FSF or OSI license.
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/build.yml:1
- Warn: no topLevel permission defined: .github/workflows/labeler.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:87: update your workflow using https://app.stepsecurity.io/secureworkflow/justeattakeaway/fozzie-components/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:92: update your workflow using https://app.stepsecurity.io/secureworkflow/justeattakeaway/fozzie-components/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:99: update your workflow using https://app.stepsecurity.io/secureworkflow/justeattakeaway/fozzie-components/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:112: update your workflow using https://app.stepsecurity.io/secureworkflow/justeattakeaway/fozzie-components/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:143: update your workflow using https://app.stepsecurity.io/secureworkflow/justeattakeaway/fozzie-components/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:148: update your workflow using https://app.stepsecurity.io/secureworkflow/justeattakeaway/fozzie-components/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:155: update your workflow using https://app.stepsecurity.io/secureworkflow/justeattakeaway/fozzie-components/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:179: update your workflow using https://app.stepsecurity.io/secureworkflow/justeattakeaway/fozzie-components/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:184: update your workflow using https://app.stepsecurity.io/secureworkflow/justeattakeaway/fozzie-components/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:191: update your workflow using https://app.stepsecurity.io/secureworkflow/justeattakeaway/fozzie-components/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:201: update your workflow using https://app.stepsecurity.io/secureworkflow/justeattakeaway/fozzie-components/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:221: update your workflow using https://app.stepsecurity.io/secureworkflow/justeattakeaway/fozzie-components/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:255: update your workflow using https://app.stepsecurity.io/secureworkflow/justeattakeaway/fozzie-components/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:260: update your workflow using https://app.stepsecurity.io/secureworkflow/justeattakeaway/fozzie-components/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:267: update your workflow using https://app.stepsecurity.io/secureworkflow/justeattakeaway/fozzie-components/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:278: update your workflow using https://app.stepsecurity.io/secureworkflow/justeattakeaway/fozzie-components/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:296: update your workflow using https://app.stepsecurity.io/secureworkflow/justeattakeaway/fozzie-components/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:300: update your workflow using https://app.stepsecurity.io/secureworkflow/justeattakeaway/fozzie-components/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:307: update your workflow using https://app.stepsecurity.io/secureworkflow/justeattakeaway/fozzie-components/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/justeattakeaway/fozzie-components/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/justeattakeaway/fozzie-components/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/justeattakeaway/fozzie-components/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/justeattakeaway/fozzie-components/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/justeattakeaway/fozzie-components/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:71: update your workflow using https://app.stepsecurity.io/secureworkflow/justeattakeaway/fozzie-components/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/labeler.yml:10: update your workflow using https://app.stepsecurity.io/secureworkflow/justeattakeaway/fozzie-components/labeler.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/labeler.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/justeattakeaway/fozzie-components/labeler.yml/master?enable=pin
- Info: 0 out of 27 GitHub-owned GitHubAction dependencies pinned
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 30 are checked with a SAST tool
Reason
64 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-hjwq-mjwj-4x6c
- Warn: Project is vulnerable to: GHSA-wf5p-g6vw-rhxx
- Warn: Project is vulnerable to: GHSA-8hc4-vh64-cxmj
- Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
- Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-xwcq-pm8m-c4vf
- Warn: Project is vulnerable to: GHSA-phwq-j96m-2c2q
- Warn: Project is vulnerable to: GHSA-ghr5-ch3p-vcr6
- Warn: Project is vulnerable to: GHSA-434g-2637-qmqr
- Warn: Project is vulnerable to: GHSA-49q7-c7j4-3p7m
- Warn: Project is vulnerable to: GHSA-977x-g7h5-7qgw
- Warn: Project is vulnerable to: GHSA-f7q4-pwc6-w24p
- Warn: Project is vulnerable to: GHSA-fc9h-whq2-v747
- Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx
- Warn: Project is vulnerable to: GHSA-pfrx-2q88-qq97
- Warn: Project is vulnerable to: GHSA-pfq8-rq6v-vf5m
- Warn: Project is vulnerable to: GHSA-rc47-6667-2j5j
- Warn: Project is vulnerable to: GHSA-c7qv-q95q-8v27
- Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22
- Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
- Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
- Warn: Project is vulnerable to: GHSA-76p3-8jx3-jpfq
- Warn: Project is vulnerable to: GHSA-jf85-cpcp-j695
- Warn: Project is vulnerable to: GHSA-fvqr-27wr-82fm
- Warn: Project is vulnerable to: GHSA-4xc9-xhrj-v574
- Warn: Project is vulnerable to: GHSA-x5rq-j2xg-h7qm
- Warn: Project is vulnerable to: GHSA-29mw-wpgm-hmr9
- Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
- Warn: Project is vulnerable to: GHSA-p6mc-m468-83gw
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-vh95-rmgr-6w4m / GHSA-xvch-5gv4-984h
- Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55
- Warn: Project is vulnerable to: GHSA-5rrq-pxf6-6jx5
- Warn: Project is vulnerable to: GHSA-8fr3-hfg3-gpgp
- Warn: Project is vulnerable to: GHSA-gf8q-jrpm-jvxq
- Warn: Project is vulnerable to: GHSA-2r2c-g63r-vccr
- Warn: Project is vulnerable to: GHSA-cfm4-qjh2-4765
- Warn: Project is vulnerable to: GHSA-x4jg-mjrx-434g
- Warn: Project is vulnerable to: GHSA-rp65-9cf3-cjxr
- Warn: Project is vulnerable to: GHSA-3j8f-xvm3-ffx4
- Warn: Project is vulnerable to: GHSA-j9fq-vwqv-2fm2
- Warn: Project is vulnerable to: GHSA-pqw5-jmp5-px4v
- Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
- Warn: Project is vulnerable to: GHSA-rhx6-c78j-4q9w
- Warn: Project is vulnerable to: GHSA-566m-qj78-rww5
- Warn: Project is vulnerable to: GHSA-7fh5-64p2-3v2j
- Warn: Project is vulnerable to: GHSA-3965-hpx2-q597
- Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
- Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
- Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
- Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p
- Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
- Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
- Warn: Project is vulnerable to: GHSA-w5p7-h5w8-2hfq
- Warn: Project is vulnerable to: GHSA-7p7h-4mm5-852v
- Warn: Project is vulnerable to: GHSA-64vr-g452-qvp3
- Warn: Project is vulnerable to: GHSA-9cwx-2883-4wfx
- Warn: Project is vulnerable to: GHSA-5j4c-8p2g-v4jx
- Warn: Project is vulnerable to: GHSA-g3ch-rx76-35fx
- Warn: Project is vulnerable to: GHSA-wr3j-pwj9-hqq6
- Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
Score
3.7
/10
Last Scanned on 2024-12-23
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More