Gathering detailed insights and metrics for @stomp/rx-stomp
Gathering detailed insights and metrics for @stomp/rx-stomp
Installations
npm install @stomp/rx-stompReleases
Unable to fetch releases
Developer
stomp-js
Developer Guide
BETA
Module System
ESM, UMD
Min. Node Version
Typescript Support
No
Node Version
19.5.0
NPM Version
9.3.1
Statistics
113 Stars
690 Commits
21 Forks
4 Watching
12 Branches
5 Contributors
Updated on 24 Oct 2024
Languages
TypeScript (93.51%)
JavaScript (4.9%)
Shell (1.24%)
Dockerfile (0.34%)
Total Downloads
Cumulative downloads
Total Downloads
7,318,046
Last day
3.1%
10,072
Compared to previous day
Last week
0.5%
47,824
Compared to previous week
Last month
7.6%
203,995
Compared to previous month
Last year
9.6%
2,148,410
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Peer Dependencies
3
Dev Dependencies
21
@chiragrupani/karma-chromium-edge-launcher@rollup/plugin-commonjs@rollup/plugin-node-resolve@rollup/plugin-sucrase@rollup/plugin-terser@rollup/plugin-typescript@types/jasmine@types/uuidjasminekarmakarma-chrome-launcherkarma-firefox-launcherkarma-jasminekarma-rollup-preprocessorkarma-safari-launcherkarma-summary-reporterprettierrolluptslinttslint-config-prettiertypescript
Versions
RxStomp
This library provides an RxJS oriented STOMP over WebSocket client for Web browser and node.js applications.
Please visit https://stomp-js.github.io/ for guides, FAQs and API docs.
Introduction
This library allows you to connect to a STOMP broker over WebSocket. This library supports complete STOMP specifications including all current protocol variants. Most popular messaging brokers support STOMP and STOMP over WebSockets out-of-the-box or using plugins.
This library uses https://github.com/stomp-js/stompjs under the hood.
Features
- Simple API to interact with the Stomp protocol
- Support for v1.2, v1.1 and v1.0 of the Stomp protocol
- Support for fallback options in case of WebSocket unavailable
- Browser and Node.js support
- Option to use STOMP over TCP
- Binary payload support
- Suitable for usage with long-running applications, pages, and SPAs.
TypeScript definitions
The npm package includes TypeScript definitions, so there is no need to install it separately.
Usage
Browser
1<script type="importmap"> 2 { 3 "imports": { 4 "@stomp/rx-stomp": "https://ga.jspm.io/npm:@stomp/rx-stomp@2.0.0/esm6/index.js" 5 }, 6 "scopes": { 7 "https://ga.jspm.io/": { 8 "@stomp/stompjs": "https://ga.jspm.io/npm:@stomp/stompjs@7.0.0/esm6/index.js", 9 "rxjs": "https://ga.jspm.io/npm:rxjs@7.8.0/dist/esm5/index.js", 10 "tslib": "https://ga.jspm.io/npm:tslib@2.5.0/modules/index.js", 11 "uuid": "https://ga.jspm.io/npm:uuid@9.0.0/dist/esm-browser/index.js" 12 } 13 } 14 } 15 </script> 16 17<!-- ES Module Shims: Import maps polyfill for modules browsers without import maps support (all except Chrome 89+) --> 18<script async src="https://ga.jspm.io/npm:es-module-shims@1.5.1/dist/es-module-shims.js" crossorigin="anonymous"></script> 19 20<script type="module"> 21 import { RxStomp } from "@stomp/rx-stomp"; 22 23 const rxStomp = new RxStomp(); 24 rxStomp.configure({ 25 brokerURL: 'ws://localhost:15674/ws', 26 }); 27 28 rxStomp.activate(); 29 30 const subscription = rxStomp 31 .watch({ destination: "/topic/test-rx" }) 32 .subscribe((message) => console.log(message.body)); 33 34 rxStomp.publish({ 35 destination: "/topic/test-rx", 36 body: "First message to RxStomp", 37 }); 38 39 setTimeout(async () => { 40 subscription.unsubscribe(); 41 await rxStomp.deactivate(); 42 }, 3000); 43</script>
NodeJS
1$ npm install @stomp/rx-stomp ws
1import { RxStomp } from "@stomp/rx-stomp"; 2import { WebSocket } from 'ws'; 3 4Object.assign(global, { WebSocket}); 5 6const rxStomp = new RxStomp(); 7rxStomp.configure({ 8 brokerURL: 'ws://localhost:15674/ws', 9}); 10 11rxStomp.activate(); 12 13const subscription = rxStomp 14 .watch({ destination: "/topic/test-rx" }) 15 .subscribe((message) => console.log(message.body)); 16 17rxStomp.publish({ 18 destination: "/topic/test-rx", 19 body: "First message to RxStomp", 20}); 21 22setTimeout(async () => { 23 subscription.unsubscribe(); 24 await rxStomp.deactivate(); 25}, 3000);
Further information
See https://stomp-js.github.io/ for instructions and tutorials.
See samples at: https://github.com/stomp-js/samples/.
API documentation at: https://stomp-js.github.io/api-docs/latest/classes/RxStomp.html.
Change-log
Please visit Change Log.
Contributing
If you want to understand the code, develop, or contribute. Please visit How to contribute.
Authors
- Sam Finnigan
- Jimi (Dimitris) Charalampidis
- Deepak Kumar
- Astha Deep
- Michel Promonet
- Ray Booysen
- Matt Critchlow
- Everyone involved at https://github.com/stomp-js/stompjs
License
License - Apache-2.0
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0
Reason
dependency not pinned by hash detected -- score normalized to 4
Details
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/docs-refresh.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/stomp-js/rx-stomp/docs-refresh.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/linux.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/stomp-js/rx-stomp/linux.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/linux.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/stomp-js/rx-stomp/linux.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/osx.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/stomp-js/rx-stomp/osx.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/osx.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/stomp-js/rx-stomp/osx.yml/develop?enable=pin
- Warn: containerImage not pinned by hash: rabbitmq/Dockerfile:1: pin your Docker image by updating rabbitmq:3.7.7-alpine to rabbitmq:3.7.7-alpine@sha256:e1524c6c6e63528b0a9e6b077ba7fe1be284b4ffaccf663fdf831e948222f2aa
- Warn: npmCommand not pinned by hash: bin/ng2-stompjs.sh:13
- Info: 0 out of 4 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 1 third-party GitHubAction dependencies pinned
- Info: 0 out of 1 containerImage dependencies pinned
- Info: 3 out of 4 npmCommand dependencies pinned
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
Found 0/30 approved changesets -- score normalized to 0
Reason
no SAST tool detected
Details
- Warn: no pull requests merged into dev branch
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/docs-refresh.yml:1
- Warn: no topLevel permission defined: .github/workflows/linux.yml:1
- Warn: no topLevel permission defined: .github/workflows/osx.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'develop'
Reason
13 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
- Warn: Project is vulnerable to: GHSA-q9mw-68c2-j6m5
- Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc
- Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp
- Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
- Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-25hc-qcg6-38wj
- Warn: Project is vulnerable to: GHSA-cqmj-92xf-r6r9
- Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
- Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
Score
2.8
/10
Last Scanned on 2024-11-18
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More