🧙♀️ Move Fast and Break Nothing. End-to-end typesafe APIs made easy.
Installations
npm install @trpc/clientDeveloper
Developer Guide
BETA
Module System
CommonJS, ESM
Min. Node Version
Typescript Support
No
Node Version
20.10.0
NPM Version
lerna/8.0.0/node@v20.10.0+x64 (darwin)
Statistics
35,108 Stars
4,299 Commits
1,258 Forks
94 Watching
28 Branches
427 Contributors
Updated on 27 Nov 2024
Languages
TypeScript (79.83%)
MDX (17.17%)
JavaScript (1.78%)
CSS (1.22%)
Total Downloads
Cumulative downloads
Total Downloads
33,858,942
Last day
-4.2%
105,095
Compared to previous day
Last week
4.6%
564,576
Compared to previous week
Last month
8.9%
2,345,341
Compared to previous month
Last year
133.8%
22,460,368
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Peer Dependencies
1
Versions
tRPC
Move fast and break nothing.
End-to-end typesafe APIs made easy.
The client above is not importing any code from the server, only its type declarations.
[!NOTE]
You are looking at the
next-branch of tRPC which is the current work in progress representing version 11.
- The functionality is stable and can be used in production, but we may do small breaking API-changes between patches until we reach
11.0.0- The packages are published with the
next-tag on npm- For the list of changes made, see https://trpc.io/docs/v11/migrate-from-v10-to-v11
Intro
tRPC allows you to easily build & consume fully typesafe APIs without schemas or code generation.
Features
- ✅ Well-tested and production ready.
- 🧙♂️ Full static typesafety & autocompletion on the client, for inputs, outputs, and errors.
- 🐎 Snappy DX - No code generation, run-time bloat, or build pipeline.
- 🍃 Light - tRPC has zero deps and a tiny client-side footprint.
- 🐻 Easy to add to your existing brownfield project.
- 🔋 Batteries included - React.js/Next.js/Express.js/Fastify adapters. (But tRPC is not tied to React, and there are many community adapters for other libraries)
- 🥃 Subscriptions support.
- ⚡️ Request batching - requests made at the same time can be automatically combined into one
- 👀 Quite a few examples in the ./examples-folder
Quickstart
There are a few examples that you can use for playing out with tRPC or bootstrapping your new project. For example, if you want a Next.js app, you can use the full-stack Next.js example:
Quick start with a full-stack Next.js example:
1# yarn 2yarn create next-app --example https://github.com/trpc/trpc --example-path examples/next-prisma-starter trpc-prisma-starter 3 4# npm 5npx create-next-app --example https://github.com/trpc/trpc --example-path examples/next-prisma-starter trpc-prisma-starter 6 7# pnpm 8pnpm create next-app --example https://github.com/trpc/trpc --example-path examples/next-prisma-starter trpc-prisma-starter 9 10# bun 11bunx create-next-app --example https://github.com/trpc/trpc --example-path examples/next-prisma-starter trpc-prisma-starter
👉 See full documentation on tRPC.io. 👈
Star History
Core Team
Do you want to contribute? First, read the Contributing Guidelines before opening an issue or PR so you understand the branching strategy and local development environment. If you need any more guidance or want to ask more questions, feel free to write to us on Discord!
 Alex / KATT | 👋 Hi, I'm Alex and I am the creator of tRPC, don't hesitate to contact me on Twitter or email if you are curious about tRPC in any way. |
Project leads
The people who lead the API-design decisions and have the most active role in the development
 Julius Marminge | Alex / KATT |
Active contributors
People who actively help out improving the codebase by making PRs and reviewing code
 Nick Lucas |  Ole Asteo |  Ahmed Elsakaan |
Special shout-outs
Individuals who have made exceptional contributions to tRPC through code, documentation, community building, and other valuable efforts
 Theo Browne |  Sachin Raja |
Sponsors
If you enjoy working with tRPC and want to support us, consider giving a token appreciation by GitHub Sponsors!
🥇 Gold Sponsors
 Retool |
🥈 Silver Sponsors
 Cal.com, Inc. |  KeenEthics |
🥉 Bronze Sponsors
 Dr. B |  Flylance |  Ryan Magoon |
😻 Smaller Backers
All contributors ✨
No vulnerabilities found.
Reason
security policy file detected
Details
- Info: security policy file detected: SECURITY.md:1
- Info: Found linked content: SECURITY.md:1
- Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1
- Info: Found text in security policy: SECURITY.md:1
Reason
no dangerous workflow patterns detected
Reason
30 commit(s) and 18 issue activity found in the last 90 days -- score normalized to 10
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
no binaries found in the repo
Reason
SAST tool detected but not run on all commits
Details
- Info: SAST configuration detected: CodeQL
- Warn: 0 commits out of 30 are checked with a SAST tool
Reason
Found 13/22 approved changesets -- score normalized to 5
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Info: jobLevel 'actions' permission set to 'read': .github/workflows/codeql-analysis.yml:28
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/codeql-analysis.yml:29
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/labeler.yml:8
- Warn: no topLevel permission defined: .github/workflows/codeql-analysis.yml:1
- Warn: topLevel 'contents' permission set to 'write': .github/workflows/dependabot-approve.yml:6
- Warn: no topLevel permission defined: .github/workflows/labeler.yml:1
- Info: topLevel 'contents' permission set to 'read': .github/workflows/lint.yml:3
- Warn: no topLevel permission defined: .github/workflows/main.yml:1
- Warn: no topLevel permission defined: .github/workflows/release-next.yml:1
- Warn: no topLevel permission defined: .github/workflows/release.yml:1
- Warn: no topLevel permission defined: .github/workflows/subtree.yml:1
- Info: no jobLevel write permissions found
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/trpc/trpc/codeql-analysis.yml/next?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/trpc/trpc/codeql-analysis.yml/next?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/trpc/trpc/codeql-analysis.yml/next?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:71: update your workflow using https://app.stepsecurity.io/secureworkflow/trpc/trpc/codeql-analysis.yml/next?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/labeler.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/trpc/trpc/labeler.yml/next?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/trpc/trpc/lint.yml/next?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/lock-issues.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/trpc/trpc/lock-issues.yml/next?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:98: update your workflow using https://app.stepsecurity.io/secureworkflow/trpc/trpc/main.yml/next?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:136: update your workflow using https://app.stepsecurity.io/secureworkflow/trpc/trpc/main.yml/next?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:143: update your workflow using https://app.stepsecurity.io/secureworkflow/trpc/trpc/main.yml/next?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:171: update your workflow using https://app.stepsecurity.io/secureworkflow/trpc/trpc/main.yml/next?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:178: update your workflow using https://app.stepsecurity.io/secureworkflow/trpc/trpc/main.yml/next?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:218: update your workflow using https://app.stepsecurity.io/secureworkflow/trpc/trpc/main.yml/next?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:225: update your workflow using https://app.stepsecurity.io/secureworkflow/trpc/trpc/main.yml/next?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:250: update your workflow using https://app.stepsecurity.io/secureworkflow/trpc/trpc/main.yml/next?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/trpc/trpc/main.yml/next?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/trpc/trpc/main.yml/next?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/trpc/trpc/main.yml/next?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-next.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/trpc/trpc/release-next.yml/next?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-next.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/trpc/trpc/release-next.yml/next?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/trpc/trpc/release.yml/next?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/subtree.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/trpc/trpc/subtree.yml/next?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/subtree.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/trpc/trpc/subtree.yml/next?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/subtree.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/trpc/trpc/subtree.yml/next?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/subtree.yml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/trpc/trpc/subtree.yml/next?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/subtree.yml:69: update your workflow using https://app.stepsecurity.io/secureworkflow/trpc/trpc/subtree.yml/next?enable=pin
- Warn: containerImage not pinned by hash: examples/.railway/next-sse-chat/Dockerfile:1
- Warn: containerImage not pinned by hash: examples/.railway/next-sse-chat/Dockerfile:9
- Warn: containerImage not pinned by hash: examples/.railway/next-sse-chat/Dockerfile:17
- Warn: containerImage not pinned by hash: examples/.railway/next-sse-chat/Dockerfile:32
- Info: 0 out of 18 GitHub-owned GitHubAction dependencies pinned
- Info: 1 out of 9 third-party GitHubAction dependencies pinned
- Info: 0 out of 4 containerImage dependencies pinned
Reason
39 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-hpx4-r86g-5jrg
- Warn: Project is vulnerable to: GHSA-prr3-c3m5-p7q2
- Warn: Project is vulnerable to: GHSA-7q7g-4xm8-89cq
- Warn: Project is vulnerable to: GHSA-c2jc-4fpr-4vhg
- Warn: Project is vulnerable to: GHSA-wf5p-g6vw-rhxx
- Warn: Project is vulnerable to: GHSA-8hc4-vh64-cxmj
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
- Warn: Project is vulnerable to: GHSA-h452-7996-h45h
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-ghr5-ch3p-vcr6
- Warn: Project is vulnerable to: GHSA-4gmj-3p3h-gm8h
- Warn: Project is vulnerable to: GHSA-rrr8-f88r-h8q6
- Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc
- Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp
- Warn: Project is vulnerable to: GHSA-9pv7-vfvm-6vr7
- Warn: Project is vulnerable to: GHSA-c7qv-q95q-8v27
- Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22
- Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
- Warn: Project is vulnerable to: GHSA-hhhv-q57g-882q
- Warn: Project is vulnerable to: GHSA-pppg-cpfq-h7wr
- Warn: Project is vulnerable to: GHSA-3xq5-wjfh-ppjc
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
- Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp
- Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
- Warn: Project is vulnerable to: GHSA-9w5j-4mwv-2wj8
- Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
- Warn: Project is vulnerable to: GHSA-3787-6prv-h9w3
- Warn: Project is vulnerable to: GHSA-9qxr-qj54-h672
- Warn: Project is vulnerable to: GHSA-m4v8-wqvr-p9f7
- Warn: Project is vulnerable to: GHSA-5r9g-qh6m-jxff
- Warn: Project is vulnerable to: GHSA-r6ch-mqf9-qc9w
- Warn: Project is vulnerable to: GHSA-wqq4-5wpv-mx2g
- Warn: Project is vulnerable to: GHSA-8c93-4hch-xgxp
- Warn: Project is vulnerable to: GHSA-f8mp-x433-5wpf
- Warn: Project is vulnerable to: GHSA-776f-qx25-q3cc
Score
5.5
/10
Last Scanned on 2024-11-18
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More