Gathering detailed insights and metrics for ember-fetch
Gathering detailed insights and metrics for ember-fetch
HTML5 fetch polyfill from github wrapped and bundled for ember-cli users.
Installations
npm install ember-fetchDeveloper
ember-cli
Developer Guide
BETA
Module System
Unable to determine the module system for this package.
Min. Node Version
>= 10
Typescript Support
No
Node Version
10.24.1
NPM Version
6.14.12
Statistics
176 Stars
733 Commits
80 Forks
13 Watching
34 Branches
58 Contributors
Updated on 08 Nov 2024
Languages
JavaScript (84.9%)
TypeScript (9.13%)
Perl (2.81%)
HTML (2.51%)
Handlebars (0.65%)
Total Downloads
Cumulative downloads
Total Downloads
27,376,024
Last day
1.3%
12,142
Compared to previous day
Last week
-4.9%
61,450
Compared to previous week
Last month
9.3%
296,871
Compared to previous month
Last year
3.7%
4,705,126
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
14
Dev Dependencies
45
@ember/optional-features@ember/test-helpers@types/ember@types/ember-data@types/ember-qunit@types/ember__test-helpers@types/qunit@types/rsvp@typescript-eslint/eslint-plugin@typescript-eslint/parserbabel-eslintbroccoli-asset-revbroccoli-test-helperchaichai-fsember-cliember-cli-addon-testsember-cli-dependency-checkerember-cli-fastbootember-cli-htmlbarsember-cli-inject-live-reloadember-cli-pretenderember-cli-typescript-blueprintsember-cli-uglifyember-dataember-disable-prototype-extensionsember-load-initializersember-maybe-import-regeneratorember-qunitember-resolverember-sourceember-source-channel-urlember-tryeslinteslint-plugin-embereslint-plugin-nodefs-extragloblerna-changelogloader.jsmochaqunitrelease-itrelease-it-lerna-changelogtypescript
Versions
ember-fetch
HTML5 fetch polyfill from github wrapped and bundled for ember-cli users.
Installation
ember install ember-fetch
ember-fetch requries ember-cli 2.13 or above.
Usage
1import Route from '@ember/routing/route'; 2import fetch from 'fetch'; 3 4export default Route.extend({ 5 model() { 6 return fetch('/my-cool-end-point.json').then(function(response) { 7 return response.json(); 8 }); 9 } 10});
Available imports:
1import fetch, { Headers, Request, Response, AbortController } from 'fetch';
Use with TypeScript
To use ember-fetch with TypeScript or enable editor's type support, You can add "fetch": ["node_modules/ember-fetch"] to your tsconfig.json.
1{ 2 "compilerOptions": { 3 "paths": { 4 "fetch": [ 5 "node_modules/ember-fetch" 6 ] 7 } 8 } 9}
Use with Ember Data
ember-data@3.9.2 was released with built-in fetch support, if your ember-data is below 3.9.2, please checkout ember-fetch v7.x.
Use with Fastboot
relative url
ember-fetch uses node-fetch in Fastboot, which doesn't allow relative URL.
urlshould be an absolute url, such ashttps://example.com/. A path-relative URL (/file/under/root) or protocol-relative URL (//can-be-http-or-https.com/) will result in a rejected promise.
However, ember-fetch grabs the protocol and host info from fastboot request after the instance-initializes.
This allows you to make a relative URL request unless the app is not initialized, e.g. initializers and app.js.
top-level addon
For addon authors, if the addon supports Fastboot mode, ember-fetch should also be listed as a peer dependency.
This is because Fastboot only invokes top-level addon's updateFastBootManifest (detail), thus ember-fetch has to be a top-level addon installed by the host app.
Allow native fetch
ember-fetch allows access to native fetch in browser through a build config flag:
1// ember-cli-build.js
2let app = new EmberAddon(defaults, {
3 // Add options here
4 'ember-fetch': {
5 preferNative: true
6 }
7});If set to true, the fetch polyfill will be skipped if native fetch is available,
otherwise the polyfilled fetch will be installed during the first pass of the vendor js file.
If set to false, the polyfilled fetch will replace native fetch be there or not.
If all your browser targets support native fetch, and preferNative: true, the polyfill will not be included in the output build. If, for some reason, you still need the polyfill to be included in the bundle, you can set alwaysIncludePolyfill: true.
The way you do import remains same.
Use native promise instead of RSVP
If you do not want to use RSVP, but native Promises, you can specify this build config flag:
1// ember-cli-build.js
2let app = new EmberAddon(defaults, {
3 // Add options here
4 'ember-fetch': {
5 nativePromise: true
6 }
7});Error Handling
A fetch response is successful if response.ok is true,
otherwise you can read the status code to determine the bad response type.
fetch will only reject with network errors.
ember-fetch provides some utility functions:
isBadRequestResponse(400)isUnauthorizedResponse(401)isForbiddenResponse(403)isNotFoundResponse(404)isConflictResponse(409)isGoneResponse(410)isInvalidResponse(422)isServerErrorResponse(5XX)isAbortErrorAborted network error
1import Route from '@ember/routing/route'; 2import fetch from 'fetch'; 3import { 4 isAbortError, 5 isServerErrorResponse, 6 isUnauthorizedResponse 7} from 'ember-fetch/errors'; 8 9export default Route.extend({ 10 model() { 11 return fetch('/omg.json') 12 .then(function(response) { 13 if (response.ok) { 14 return response.json(); 15 } else if (isUnauthorizedResponse(response)) { 16 // handle 401 response 17 } else if (isServerErrorResponse(response)) { 18 // handle 5xx respones 19 } 20 }) 21 .catch(function(error) { 22 if (isAbortError(error)) { 23 // handle aborted network error 24 } 25 // handle network error 26 }); 27 } 28});
Browser Support
- evergreen / IE10+ / Safari 6.1+ https://github.com/github/fetch#browser-support
Q & A
Does it work with pretender?
- Yes, pretender v2.1 comes with
fetchsupport.
What about all the run-loop and promise mixing details?
- taken care of for you
Why is this wrapper needed?
- original emits a global
- original requires a Promise polyfill (ember users have RSVP)
- original isn't Ember run-loop aware
Won't this wrapper get out-of-sync?
- we actually don't bundle github/fetch rather we merely wrap/transform what
comes from
node_modules, so we should be resilient to changes assuming semver from the fetch module
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE.md:0
- Info: FSF or OSI recognized license: MIT License: LICENSE.md:0
Reason
Found 2/10 approved changesets -- score normalized to 2
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/CI.yml:1
- Info: no jobLevel write permissions found
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CI.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/ember-cli/ember-fetch/CI.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CI.yml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/ember-cli/ember-fetch/CI.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CI.yml:77: update your workflow using https://app.stepsecurity.io/secureworkflow/ember-cli/ember-fetch/CI.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CI.yml:107: update your workflow using https://app.stepsecurity.io/secureworkflow/ember-cli/ember-fetch/CI.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CI.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/ember-cli/ember-fetch/CI.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/CI.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/ember-cli/ember-fetch/CI.yml/main?enable=pin
- Info: 0 out of 6 GitHub-owned GitHubAction dependencies pinned
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'main'
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 27 are checked with a SAST tool
Reason
82 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
- Warn: Project is vulnerable to: GHSA-whgm-jr23-g3j9
- Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw
- Warn: Project is vulnerable to: GHSA-fwr7-v2mv-hh25
- Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-x9w5-v3q2-3rhw
- Warn: Project is vulnerable to: GHSA-wxhq-pm8v-cw75
- Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c
- Warn: Project is vulnerable to: GHSA-w573-4hg7-7wgq
- Warn: Project is vulnerable to: GHSA-434g-2637-qmqr
- Warn: Project is vulnerable to: GHSA-49q7-c7j4-3p7m
- Warn: Project is vulnerable to: GHSA-977x-g7h5-7qgw
- Warn: Project is vulnerable to: GHSA-f7q4-pwc6-w24p
- Warn: Project is vulnerable to: GHSA-fc9h-whq2-v747
- Warn: Project is vulnerable to: GHSA-j4f2-536g-r55m
- Warn: Project is vulnerable to: GHSA-r7qp-cfhv-p84w
- Warn: Project is vulnerable to: GHSA-rv95-896h-c2vc
- Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx
- Warn: Project is vulnerable to: GHSA-74fj-2j2h-c42q
- Warn: Project is vulnerable to: GHSA-pw2r-vq6v-hr8c
- Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc
- Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp
- Warn: Project is vulnerable to: GHSA-4q6p-r6v2-jvc5
- Warn: Project is vulnerable to: GHSA-pfrx-2q88-qq97
- Warn: Project is vulnerable to: GHSA-7wwv-vh3v-89cq
- Warn: Project is vulnerable to: GHSA-rc47-6667-2j5j
- Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22
- Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
- Warn: Project is vulnerable to: GHSA-896r-f27r-55mw
- Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
- Warn: Project is vulnerable to: GHSA-76p3-8jx3-jpfq
- Warn: Project is vulnerable to: GHSA-3rfm-jhwj-7488
- Warn: Project is vulnerable to: GHSA-hhq3-ff78-jv3g
- Warn: Project is vulnerable to: GHSA-29mw-wpgm-hmr9
- Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
- Warn: Project is vulnerable to: GHSA-6vfc-qv3f-vr6c
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
- Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h
- Warn: Project is vulnerable to: GHSA-pc58-wgmc-hfjr
- Warn: Project is vulnerable to: GHSA-vvv8-xw5f-3f88
- Warn: Project is vulnerable to: GHSA-qrpm-p2h7-hrv2
- Warn: Project is vulnerable to: GHSA-r683-j2x4-v87g
- Warn: Project is vulnerable to: GHSA-5fw9-fq32-wv5p
- Warn: Project is vulnerable to: GHSA-px4h-xg32-q955
- Warn: Project is vulnerable to: GHSA-3j8f-xvm3-ffx4
- Warn: Project is vulnerable to: GHSA-4p35-cfcx-8653
- Warn: Project is vulnerable to: GHSA-7f3x-x4pr-wqhj
- Warn: Project is vulnerable to: GHSA-jpp7-7chh-cf67
- Warn: Project is vulnerable to: GHSA-q6wq-5p59-983w
- Warn: Project is vulnerable to: GHSA-j9fq-vwqv-2fm2
- Warn: Project is vulnerable to: GHSA-pqw5-jmp5-px4v
- Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
- Warn: Project is vulnerable to: GHSA-xfhp-gmh8-r8v2
- Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp
- Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
- Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
- Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p
- Warn: Project is vulnerable to: GHSA-4rq4-32rv-6wp6
- Warn: Project is vulnerable to: GHSA-64g7-mvw6-v9qj
- Warn: Project is vulnerable to: GHSA-25hc-qcg6-38wj
- Warn: Project is vulnerable to: GHSA-qm95-pgcg-qqfq
- Warn: Project is vulnerable to: GHSA-cqmj-92xf-r6r9
- Warn: Project is vulnerable to: GHSA-9r2w-394v-53qc
- Warn: Project is vulnerable to: GHSA-5955-9wpr-37jh
- Warn: Project is vulnerable to: GHSA-qq89-hq3f-393p
- Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
- Warn: Project is vulnerable to: GHSA-4wf5-vphf-c2xc
- Warn: Project is vulnerable to: GHSA-jgrx-mgxx-jf9v
- Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
- Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
- Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
- Warn: Project is vulnerable to: GHSA-h6q6-9hqw-rwfv
- Warn: Project is vulnerable to: GHSA-5fg8-2547-mr8q
- Warn: Project is vulnerable to: GHSA-crh6-fp67-6883
- Warn: Project is vulnerable to: GHSA-72mh-269x-7mh5
- Warn: Project is vulnerable to: GHSA-h4j5-c7cj-74xg
Score
2.7
/10
Last Scanned on 2024-11-25
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More