Gathering detailed insights and metrics for @tinyanvil/http-multipart-body-parser
Gathering detailed insights and metrics for @tinyanvil/http-multipart-body-parser
Installations
npm install @tinyanvil/http-multipart-body-parserDeveloper Guide
BETA
Typescript
No
Module System
N/A
Min. Node Version
>=10
Node Version
12.16.2
NPM Version
6.14.4
Score
68.6
Supply Chain
97
Quality
74.8
Maintenance
50
Vulnerability
99.6
License
Releases
132
Contributors
194
Unable to fetch Contributors
Languages
4
JavaScript
TypeScript
CSS
Shell
JavaScript (88.65%)
TypeScript (10.87%)
CSS (0.47%)
Shell (0.02%)
Developer
Download Statistics
Total Downloads
661
Last Day
1
Last Week
6
Last Month
16
Last Year
117
GitHub Statistics
3,759 Stars
2,279 Commits
373 Forks
35 Watching
11 Branches
194 Contributors
Bundle Size
528.75 kB
Minified
193.76 kB
Minified + Gzipped
Maintainers
1
Package Meta Information
Latest Version
1.0.1
Package Id
@tinyanvil/http-multipart-body-parser@1.0.1
Unpacked Size
14.62 kB
Size
4.32 kB
File Count
6
NPM Version
6.14.4
Node Version
12.16.2
Total Downloads
Cumulative downloads
Total Downloads
661
Last day
0%
1
Compared to previous day
Last week
0%
6
Compared to previous week
Last month
700%
16
Compared to previous month
Last year
-17%
117
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
3
Peer Dependencies
1
Dev Dependencies
2
Versions
Middy http-multipart-body-parser middleware
HTTP json body parser middleware for the middy framework, the stylish Node.js middleware engine for AWS Lambda
Automatically parses HTTP requests with content type multipart/form-data and converts the body into an
object. Also handles gracefully broken JSON as UnprocessableEntity (422 errors)
if used in combination with httpErrorHandler.
It can also be used in combination with validator so that the content can be validated.
Note: by default this is going to parse only events that contain the header Content-Type (or content-type) set to multipart/form-data. If you want to support different casing for the header name (e.g. Content-type) then you should use the httpHeaderNormalizer middleware before this middleware.
Install
To install this middleware you can use NPM:
1npm install --save @middy/http-multipart-body-parser
Options
busboy(object) (optional): defaults to{}and it can be used to pass extraparameters to the internalbusboyinstance at creation time. Checkout the official documentation for more information on the supported options.
Note: this middleware will buffer all the data as it is processed internally by busboy, so, if you are using this approach to parse significantly big volumes of data, keep in mind that all the data will be allocated in memory. This is somewhat inevitable with Lambdas (as the data is already encoded into the JSON in memory as Base64), but it's good to keep this in mind and evaluate the impact on you application.
If you really have to deal with big files, then you might also want to consider to allowing your users to directly upload files to S3
Sample usage
1const middy = require('@middy/core') 2const { httpMultipartBodyParser } = require('@middy/http-multipart-body-parser') 3const handler = middy((event, context, cb) => { 4 cb(null, {}) 5}) 6handler.use(httpMultipartBodyParser()) 7// invokes the handler 8const event = { 9 headers: { 10 'content-type': 'multipart/form-data; boundary=----WebKitFormBoundaryppsQEwf2BVJeCe0M' 11 }, 12 body: 'LS0tLS0tV2ViS2l0Rm9ybUJvdW5kYXJ5cHBzUUV3ZjJCVkplQ2UwTQ0KQ29udGVudC1EaXNwb3NpdGlvbjogZm9ybS1kYXRhOyBuYW1lPSJmb28iDQoNCmJhcg0KLS0tLS0tV2ViS2l0Rm9ybUJvdW5kYXJ5cHBzUUV3ZjJCVkplQ2UwTS0t', 13 isBase64Encoded: true 14} 15handler(event, {}, (_, body) => { 16 expect(body).toEqual({ foo: 'bar' }) 17})
Middy documentation and examples
For more documentation and examples, refers to the main Middy monorepo on GitHub or Middy official website.
Contributing
Everyone is very welcome to contribute to this repository. Feel free to raise issues or to submit Pull Requests.
License
Licensed under MIT License. Copyright (c) 2017-2018 Luciano Mammino and the Middy team.
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
2 out of 2 merged PRs checked by a CI test -- score normalized to 10
Reason
project has 33 contributing companies or organizations
Details
- Info: serverlessdays-dublin contributor org/company found, awsbites contributor org/company found, qwikifiers contributor org/company found, QwikDev contributor org/company found, coursepolicy contributor org/company found, kushki contributor org/company found, global cyber alliance contributor org/company found, nodejs-design-patterns-book contributor org/company found, aws-samples contributor org/company found, PartidoDigital contributor org/company found, js-uy contributor org/company found, GlobantUy contributor org/company found, datastreamapp contributor org/company found, the gordon foundation contributor org/company found, VocadianAI contributor org/company found, los angeles times contributor org/company found, awslabs contributor org/company found, middyjs contributor org/company found, empathycom contributor org/company found, standards contributor org/company found, lucpod contributor org/company found, fourtheorem contributor org/company found, propsto contributor org/company found, FullStackBulletin contributor org/company found, ucudal contributor org/company found, augustsn contributor org/company found, fastify contributor org/company found, rust-italia contributor org/company found, Oryzone contributor org/company found, gqty-dev contributor org/company found, datadesk contributor org/company found, aws contributor org/company found, serverless-heaven contributor org/company found,
Reason
no dangerous workflow patterns detected
Reason
update tool detected
Details
- Info: detected update tool: Dependabot: :0
Reason
project is fuzzed
Details
- Info: JavaScriptPropertyBasedTesting integration found: packages/appconfig/__tests__/fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/cloudwatch-metrics/__tests__/fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/core/__tests__/fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/do-not-wait-for-empty-event-loop/__tests__/fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/dynamodb/__tests__/fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/error-logger/__tests__/fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/event-normalizer/__tests__/fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/http-content-encoding/__tests__/fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/http-content-negotiation/__tests__/fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/http-cors/__tests__/fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/http-error-handler/__tests__/fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/http-event-normalizer/__tests__/fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/http-header-normalizer/__tests__/fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/http-json-body-parser/__tests__/fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/http-multipart-body-parser/__tests__/fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/http-partial-response/__tests__/fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/http-response-serializer/__tests__/fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/http-router/__tests__/fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/http-security-headers/__tests__/fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/http-urlencode-body-parser/__tests__/fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/http-urlencode-path-parser/__tests__/fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/input-output-logger/__tests__/fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/rds-signer/__tests__/fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/s3-object-response/__tests__/fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/s3/__tests__/fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/secrets-manager/__tests__/fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/service-discovery/__tests__/fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/sqs-partial-batch-failure/__tests__/fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/ssm/__tests__/fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/sts/__tests__/fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/validator/__tests__/fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/warmup/__tests__/fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/ws-json-body-parser/__tests__/fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/ws-response/__tests__/fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/ws-router/__tests__/fuzz.js:2
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
30 commit(s) and 15 issue activity found in the last 90 days -- score normalized to 10
Reason
packaging workflow detected
Details
- Info: Project packages its releases by way of GitHub Actions.: .github/workflows/release.yml:13
Reason
all dependencies are pinned
Details
- Info: 22 out of 22 GitHub-owned GitHubAction dependencies pinned
- Info: 3 out of 3 third-party GitHubAction dependencies pinned
- Info: 7 out of 7 npmCommand dependencies pinned
Reason
SAST tool is run on all commits
Details
- Info: SAST configuration detected: CodeQL
- Info: all commits (10) are checked with a SAST tool
Reason
security policy file detected
Details
- Info: security policy file detected: SECURITY.md:1
- Info: Found linked content: SECURITY.md:1
- Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1
- Info: Found text in security policy: SECURITY.md:1
Reason
GitHub workflow tokens follow principle of least privilege
Details
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/release.yml:22
- Info: jobLevel 'actions' permission set to 'read': .github/workflows/sast.yml:17
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/sast.yml:18
- Info: topLevel 'contents' permission set to 'read': .github/workflows/benchmarks.yml:13
- Info: topLevel 'contents' permission set to 'read': .github/workflows/lint.yml:7
- Info: topLevel permissions set to 'read-all': .github/workflows/ossf-scorecard.yml:18
- Info: topLevel 'contents' permission set to 'read': .github/workflows/release.yml:10
- Info: topLevel 'contents' permission set to 'read': .github/workflows/sast.yml:10
- Info: topLevel 'contents' permission set to 'read': .github/workflows/tests.yml:13
- Info: topLevel 'contents' permission set to 'read': .github/workflows/typings.yml:13
- Info: topLevel 'contents' permission set to 'read': .github/workflows/website-publish.yml:12
- Info: topLevel 'contents' permission set to 'read': .github/workflows/website-test.yml:12
- Info: no jobLevel write permissions found
Reason
0 existing vulnerabilities detected
Reason
branch protection is not maximal on development and all release branches
Details
- Info: 'allow deletion' disabled on branch 'main'
- Info: 'force pushes' disabled on branch 'main'
- Warn: 'branch protection settings apply to administrators' is disable on branch 'main'
- Info: 'stale review dismissal' is required to merge on branch 'main'
- Warn: required approving review count is 1 on branch 'main'
- Info: codeowner review is required on branch 'main'
- Info: 'last push approval' is required to merge on branch 'main'
- Info: 'up-to-date branches' is required to merge on branch 'main'
- Info: status check found to merge onto on branch 'main'
- Info: PRs are required in order to make changes on branch 'main'
Reason
badge detected: Passing
Reason
Found 0/22 approved changesets -- score normalized to 0
Score
8.9
/10
Last Scanned on 2025-02-05T14:32:08Z
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More