Gathering detailed insights and metrics for @tinyanvil/http-multipart-body-parser
Gathering detailed insights and metrics for @tinyanvil/http-multipart-body-parser
🛵 The stylish Node.js middleware engine for AWS Lambda 🛵
Installations
npm install @tinyanvil/http-multipart-body-parserDeveloper Guide
BETA
Typescript
No
Module System
N/A
Min. Node Version
>=10
Node Version
12.16.2
NPM Version
6.14.4
Releases
149
Languages
4
JavaScript
TypeScript
CSS
Shell
JavaScript (88.17%)
TypeScript (11.35%)
CSS (0.46%)
Shell (0.01%)
Developer
Download Statistics
Total Downloads
0
Last Day
0
Last Week
0
Last Month
0
Last Year
0
GitHub Statistics
MIT License
3,837 Stars
2,493 Commits
388 Forks
34 Watchers
13 Branches
201 Contributors
Updated on Jul 18, 2025
Maintainers
1
Package Meta Information
Latest Version
1.0.1
Package Id
@tinyanvil/http-multipart-body-parser@1.0.1
Unpacked Size
14.62 kB
Size
4.32 kB
File Count
6
NPM Version
6.14.4
Node Version
12.16.2
Total Downloads
Cumulative downloads
Total Downloads
NaN
Last Day
0%
NaN
Compared to previous day
Last Week
0%
NaN
Compared to previous week
Last Month
0%
NaN
Compared to previous month
Last Year
0%
NaN
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
3
Peer Dependencies
1
Dev Dependencies
2
Middy http-multipart-body-parser middleware
HTTP json body parser middleware for the middy framework, the stylish Node.js middleware engine for AWS Lambda
Automatically parses HTTP requests with content type multipart/form-data and converts the body into an
object. Also handles gracefully broken JSON as UnprocessableEntity (422 errors)
if used in combination with httpErrorHandler.
It can also be used in combination with validator so that the content can be validated.
Note: by default this is going to parse only events that contain the header Content-Type (or content-type) set to multipart/form-data. If you want to support different casing for the header name (e.g. Content-type) then you should use the httpHeaderNormalizer middleware before this middleware.
Install
To install this middleware you can use NPM:
1npm install --save @middy/http-multipart-body-parser
Options
busboy(object) (optional): defaults to{}and it can be used to pass extraparameters to the internalbusboyinstance at creation time. Checkout the official documentation for more information on the supported options.
Note: this middleware will buffer all the data as it is processed internally by busboy, so, if you are using this approach to parse significantly big volumes of data, keep in mind that all the data will be allocated in memory. This is somewhat inevitable with Lambdas (as the data is already encoded into the JSON in memory as Base64), but it's good to keep this in mind and evaluate the impact on you application.
If you really have to deal with big files, then you might also want to consider to allowing your users to directly upload files to S3
Sample usage
1const middy = require('@middy/core') 2const { httpMultipartBodyParser } = require('@middy/http-multipart-body-parser') 3const handler = middy((event, context, cb) => { 4 cb(null, {}) 5}) 6handler.use(httpMultipartBodyParser()) 7// invokes the handler 8const event = { 9 headers: { 10 'content-type': 'multipart/form-data; boundary=----WebKitFormBoundaryppsQEwf2BVJeCe0M' 11 }, 12 body: 'LS0tLS0tV2ViS2l0Rm9ybUJvdW5kYXJ5cHBzUUV3ZjJCVkplQ2UwTQ0KQ29udGVudC1EaXNwb3NpdGlvbjogZm9ybS1kYXRhOyBuYW1lPSJmb28iDQoNCmJhcg0KLS0tLS0tV2ViS2l0Rm9ybUJvdW5kYXJ5cHBzUUV3ZjJCVkplQ2UwTS0t', 13 isBase64Encoded: true 14} 15handler(event, {}, (_, body) => { 16 expect(body).toEqual({ foo: 'bar' }) 17})
Middy documentation and examples
For more documentation and examples, refers to the main Middy monorepo on GitHub or Middy official website.
Contributing
Everyone is very welcome to contribute to this repository. Feel free to raise issues or to submit Pull Requests.
License
Licensed under MIT License. Copyright (c) 2017-2018 Luciano Mammino and the Middy team.
No vulnerabilities found.
Reason
update tool detected
Details
- Info: detected update tool: Dependabot: .github/dependabot.yml:1
Reason
all changesets reviewed
Reason
30 commit(s) and 17 issue activity found in the last 90 days -- score normalized to 10
Reason
security policy file detected
Details
- Info: security policy file detected: SECURITY.md:1
- Info: Found linked content: SECURITY.md:1
- Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1
- Info: Found text in security policy: SECURITY.md:1
Reason
no binaries found in the repo
Reason
no dangerous workflow patterns detected
Reason
GitHub workflow tokens follow principle of least privilege
Details
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/release.yml:21
- Warn: jobLevel 'contents' permission set to 'write': .github/workflows/release.yml:80
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/release.yml:112
- Info: jobLevel 'actions' permission set to 'read': .github/workflows/test-sast.yml:46
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/test-sast.yml:47
- Info: topLevel permissions set to 'read-all': .github/workflows/ossf-scorecard.yml:19
- Info: topLevel 'contents' permission set to 'read': .github/workflows/release.yml:12
- Info: topLevel 'contents' permission set to 'read': .github/workflows/test-dast.yml:10
- Info: topLevel 'contents' permission set to 'read': .github/workflows/test-dco.yml:7
- Info: topLevel 'contents' permission set to 'read': .github/workflows/test-lint.yml:10
- Info: topLevel 'contents' permission set to 'read': .github/workflows/test-pref.yml:10
- Info: topLevel 'contents' permission set to 'read': .github/workflows/test-sast.yml:13
- Info: topLevel 'contents' permission set to 'read': .github/workflows/test-types.yml:10
- Info: topLevel 'contents' permission set to 'read': .github/workflows/test-unit.yml:7
- Info: topLevel 'contents' permission set to 'read': .github/workflows/website-publish.yml:12
- Info: topLevel 'contents' permission set to 'read': .github/workflows/website-test.yml:12
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
SAST tool is run on all commits
Details
- Info: SAST configuration detected: CodeQL
- Info: all commits (30) are checked with a SAST tool
Reason
project is fuzzed
Details
- Info: JavaScriptPropertyBasedTesting integration found: packages/appconfig/index.fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/cloudformation-response/index.fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/cloudformation-router/index.fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/cloudwatch-metrics/index.fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/core/index.fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/do-not-wait-for-empty-event-loop/index.fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/dynamodb/index.fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/error-logger/index.fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/event-normalizer/index.fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/http-content-encoding/index.fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/http-content-negotiation/index.fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/http-cors/index.fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/http-error-handler/index.fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/http-event-normalizer/index.fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/http-header-normalizer/index.fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/http-json-body-parser/index.fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/http-multipart-body-parser/index.fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/http-partial-response/index.fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/http-response-serializer/index.fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/http-router/index.fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/http-security-headers/index.fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/http-urlencode-body-parser/index.fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/http-urlencode-path-parser/index.fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/input-output-logger/index.fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/rds-signer/index.fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/s3-object-response/index.fuzz.js:4
- Info: JavaScriptPropertyBasedTesting integration found: packages/s3/index.fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/secrets-manager/index.fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/service-discovery/index.fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/sqs-partial-batch-failure/index.fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/ssm/index.fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/sts/index.fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/validator/index.fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/warmup/index.fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/ws-json-body-parser/index.fuzz.js:2
- Info: JavaScriptPropertyBasedTesting integration found: packages/ws-response/index.fuzz.js:7
- Info: JavaScriptPropertyBasedTesting integration found: packages/ws-router/index.fuzz.js:2
Reason
packaging workflow detected
Details
- Info: Project packages its releases by way of GitHub Actions.: .github/workflows/release.yml:106
Reason
branch protection is fully enabled on development and all release branches
Details
- Info: 'allow deletion' disabled on branch 'main'
- Info: 'force pushes' disabled on branch 'main'
- Info: 'branch protection settings apply to administrators' is required to merge on branch 'main'
- Info: 'stale review dismissal' is required to merge on branch 'main'
- Info: required approving review count is 2 on branch 'main'
- Info: codeowner review is required on branch 'main'
- Info: 'last push approval' is required to merge on branch 'main'
- Info: 'up-to-date branches' is required to merge on branch 'main'
- Info: status check found to merge onto on branch 'main'
- Info: PRs are required in order to make changes on branch 'main'
Reason
9 out of 9 merged PRs checked by a CI test -- score normalized to 10
Reason
project has 31 contributing companies or organizations
Details
- Info: found contributions from: FullStackBulletin, GlobantUy, Oryzone, PartidoDigital, QwikDev, augustsn, aws, aws-samples, awsbites, awslabs, datastreamapp, empathycom, fastify, fourtheorem, global cyber alliance, gqty-dev, js-uy, kushki, lint-staged, lucpod, middyjs, nodejs-design-patterns-book, qwikifiers, rust-italia, s-group-dev, serverless-heaven, serverlessdays-dublin, standards, the gordon foundation, typeorm, ucudal
Reason
dependency not pinned by hash detected -- score normalized to 9
Details
- Warn: npmCommand not pinned by hash: .github/workflows/test-sast.yml:38
- Info: 39 out of 39 GitHub-owned GitHubAction dependencies pinned
- Info: 4 out of 4 third-party GitHubAction dependencies pinned
- Info: 8 out of 9 npmCommand dependencies pinned
Reason
2 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-4v9v-hfq4-rm2v
- Warn: Project is vulnerable to: GHSA-9jgg-88mc-972h
Reason
badge detected: Silver
Score
9.7
/10
Last Scanned on 2025-07-14T12:31:08Z
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More