Gathering detailed insights and metrics for @medibloc/nestjs-request-context
Gathering detailed insights and metrics for @medibloc/nestjs-request-context
NestJS Request Context using AsyncLocalStorage
Installations
npm install @medibloc/nestjs-request-contextDeveloper Guide
BETA
Typescript
Yes
Module System
CommonJS
Min. Node Version
>=14.15.2
Languages
2
TypeScript
JavaScript
TypeScript (86.25%)
JavaScript (13.75%)
Developer
medibloc
Download Statistics
Total Downloads
0
Last Day
0
Last Week
0
Last Month
0
Last Year
0
GitHub Statistics
MIT License
46 Stars
6 Commits
4 Forks
3 Watchers
2 Branches
2 Contributors
Updated on Feb 07, 2025
Maintainers
1
Package Meta Information
Latest Version
1.0.1
Package Id
@medibloc/nestjs-request-context@1.0.1
Unpacked Size
14.94 kB
Size
5.29 kB
File Count
20
Total Downloads
Cumulative downloads
Total Downloads
NaN
Last Day
0%
NaN
Compared to previous day
Last Week
0%
NaN
Compared to previous week
Last Month
0%
NaN
Compared to previous month
Last Year
0%
NaN
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
nestjs-request-context
A NestJS module that stores any type of data in the request-scope and makes it accessible from any layer, such as singleton service layers or even repository layers.
Since AsyncLocalStorage is used internally, the required Node.js version is >=14.15.2 that includes significant fixes.
Installation
1yarn add '@medibloc/nestjs-request-context'
Usage
There are several ways to enable the request context.
Using middleware in the module
Extend RequestContext to include any data you want.
1import { RequestContext } from '@medibloc/nestjs-request-context'; 2 3export class MyRequestContext extends RequestContext { 4 actor: string; 5}
Import RequestContextModule to your AppModule with specifying the context class that you defined above.
It automatically registers a middleware that initialize a context for each request (for all route path *).
1import { RequestContextModule } from '@medibloc/nestjs-request-context'; 2import { MyRequestContext } from './my-context.model'; 3 4@Module({ 5 imports: [ 6 RequestContextModule.forRoot({ 7 contextClass: MyRequestContext, 8 isGlobal: true, 9 }) 10 ] 11}) 12export class AppModule {}
If isGlobal is true, you will not need to import RequestContextModule in other modules once it's been loaded in the root module.
Now, you can access the request context from any Controller/Resolver/Service/Repository layers.
1import { RequestContext } from '@medibloc/nestjs-request-context'; 2import { MyRequestContext } from './my-context.model'; 3 4@Controller('') 5export class MyController { 6 @Get() 7 test(): string { 8 const ctx: MyRequestContext = RequestContext.get(); 9 ctx.actor = 'Jack'; 10 11 return this.myService.test(); 12 } 13} 14 15@Injectable() 16export class MyService { 17 test(): string { 18 const ctx: MyRequestContext = RequestContext.get(); 19 console.log(`current actor: ${ctx.actor}`); 20 21 return ctx.actor; 22 } 23}
Using functional middleware
If you prefer to use the functional middleware rather than import the module RequestContextModule,
you can use the requestContextMiddleware function by passing the context class that you want.
In this case, you don't need to import the RequestContextModule to the AppModule.
1import { requestContextMiddleware } from '@medibloc/nestjs-request-context'; 2import { MyRequestContext } from './my-context.model'; 3 4const app = await NestFactory(AppModule); 5... 6app.use(requestContextMiddleware(MyRequestContext)); 7 8await app.listen(3000);
Later steps are the same as in the section above.
For GraphQL Subscriptions
If you use GraphQL Subscriptions, the request context middleware will not be executed automatically, because NestJS middlewares are not for Websocket connections.
If you want to initialize the request context for each Websocket connection,
please set the onConnect option like below.
In this case, you don't need to import the RequestContextModule to the AppModule
or use the requestContextMiddleware function.
1@Module({ 2 GraphQLModule.forRoot({ 3 installSubscriptionHandlers: true, 4 subscriptions: { 5 onConnect: () => RequestContext.start(PaletteRequestContext), 6 }, 7 }), 8}) 9export class AppModule{}
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
no dangerous workflow patterns detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
Found 2/6 approved changesets -- score normalized to 3
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/medibloc/nestjs-request-context/ci.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/medibloc/nestjs-request-context/ci.yml/master?enable=pin
- Info: 0 out of 2 GitHub-owned GitHubAction dependencies pinned
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/ci.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 3 are checked with a SAST tool
Reason
46 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8
- Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
- Warn: Project is vulnerable to: GHSA-cj7v-w2c7-cp7c
- Warn: Project is vulnerable to: GHSA-4jpv-8r57-pv7j
- Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw
- Warn: Project is vulnerable to: GHSA-4w2v-q235-vp99
- Warn: Project is vulnerable to: GHSA-cph5-m8f7-6c5x
- Warn: Project is vulnerable to: GHSA-wf5p-g6vw-rhxx
- Warn: Project is vulnerable to: GHSA-jr5f-v2jv-69x6
- Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
- Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
- Warn: Project is vulnerable to: GHSA-h452-7996-h45h
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-w573-4hg7-7wgq
- Warn: Project is vulnerable to: GHSA-wm7h-9275-46v2
- Warn: Project is vulnerable to: GHSA-rv95-896h-c2vc
- Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx
- Warn: Project is vulnerable to: GHSA-74fj-2j2h-c42q
- Warn: Project is vulnerable to: GHSA-pw2r-vq6v-hr8c
- Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc
- Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp
- Warn: Project is vulnerable to: GHSA-43f8-2h32-f4cj
- Warn: Project is vulnerable to: GHSA-896r-f27r-55mw
- Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
- Warn: Project is vulnerable to: GHSA-29mw-wpgm-hmr9
- Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
- Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h
- Warn: Project is vulnerable to: GHSA-44fp-w29j-9vj5
- Warn: Project is vulnerable to: GHSA-r683-j2x4-v87g
- Warn: Project is vulnerable to: GHSA-hj48-42vr-x3v9
- Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
- Warn: Project is vulnerable to: GHSA-rhx6-c78j-4q9w
- Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp
- Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
- Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p
- Warn: Project is vulnerable to: GHSA-jgrx-mgxx-jf9v
- Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
- Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
- Warn: Project is vulnerable to: GHSA-6fc8-4gx4-v693
- Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
Score
3.1
/10
Last Scanned on 2025-07-07
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More