Gathering detailed insights and metrics for fetch-retry
Gathering detailed insights and metrics for fetch-retry
Extend any fetch library with retry functionality.
Installations
npm install fetch-retryDeveloper Guide
BETA
Typescript
Yes
Module System
CommonJS, UMD
Node Version
20.11.1
NPM Version
10.2.4
Score
99.4
Supply Chain
99.5
Quality
76
Maintenance
100
Vulnerability
100
License
Releases
28
Permissive wrapping, fix global pollution and export types
6.0.0
Updated on Mar 17, 2024
Type definition of the defaults parameter
5.0.6
Updated on May 18, 2023
Fix type definition to support URL instance
5.0.5
Updated on May 03, 2023
Adds example on how to use with Node.js fetch and fixes failing tests
5.0.4
Updated on Feb 26, 2023
Security updates: minimist
5.0.3
Updated on Jul 01, 2022
Bug fixes and security fixes
5.0.2
Updated on Mar 04, 2022
Languages
2
JavaScript
Shell
JavaScript (99.81%)
Shell (0.19%)
Developer
jonbern
Download Statistics
Total Downloads
634,594,723
Last Day
609,528
Last Week
3,816,359
Last Month
17,082,350
Last Year
207,645,502
GitHub Statistics
MIT License
315 Stars
192 Commits
57 Forks
3 Watchers
1 Branches
17 Contributors
Updated on Jun 20, 2025
Maintainers
1
Package Meta Information
Latest Version
6.0.0
Package Id
fetch-retry@6.0.0
Unpacked Size
53.90 kB
Size
9.64 kB
File Count
17
NPM Version
10.2.4
Node Version
20.11.1
Published on
Mar 17, 2024
Total Downloads
Cumulative downloads
Total Downloads
634,594,723
Last Day
32.7%
609,528
Compared to previous day
Last Week
6.3%
3,816,359
Compared to previous week
Last Month
3%
17,082,350
Compared to previous month
Last Year
-14.2%
207,645,502
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
fetch-retry
Adds retry functionality to the Fetch API.
It wraps any fetch API package (eg: isomorphic-fetch, cross-fetch, isomorphic-unfetch, or Node.js native's fetch implementation) and retries requests that fail due to network issues. It can also be configured to retry requests on specific HTTP status codes.
npm package
1npm install fetch-retry --save
Example
fetch-retry is used the same way as fetch, but also accepts retries, retryDelay, and retryOn on the options object.
These properties are optional, and unless different defaults have been specified when requiring fetch-retry, these will default to 3 retries, with a 1000ms retry delay, and to only retry on network errors.
1const originalFetch = require('isomorphic-fetch'); 2const fetch = require('fetch-retry')(originalFetch); 3 4// fetch-retry can also wrap Node.js's native fetch API implementation: 5const fetch = require('fetch-retry')(global.fetch);
1fetch(url, { 2 retries: 3, 3 retryDelay: 1000 4 }) 5 .then(function(response) { 6 return response.json(); 7 }) 8 .then(function(json) { 9 // do something with the result 10 console.log(json); 11 });
or passing your own defaults:
1const originalFetch = require('isomorphic-fetch'); 2const fetch = require('fetch-retry')(originalFetch, { 3 retries: 5, 4 retryDelay: 800 5 });
fetch-retryuses promises and requires you to polyfill the Promise API in order to support Internet Explorer.
Example: Exponential backoff
The default behavior of fetch-retry is to wait a fixed amount of time between attempts, but it is also possible to customize this by passing a function as the retryDelay option. The function is supplied three arguments: attempt (starting at 0), error (in case of a network error), and response. It must return a number indicating the delay.
1fetch(url, { 2 retryDelay: function(attempt, error, response) { 3 return Math.pow(2, attempt) * 1000; // 1000, 2000, 4000 4 } 5 }).then(function(response) { 6 return response.json(); 7 }).then(function(json) { 8 // do something with the result 9 console.log(json); 10 });
Example: Retry on 503 (Service Unavailable)
The default behavior of fetch-retry is to only retry requests on network related issues, but it is also possible to configure it to retry on specific HTTP status codes. This is done by using the retryOn property, which expects an array of HTTP status codes.
1fetch(url, { 2 retryOn: [503] 3 }) 4 .then(function(response) { 5 return response.json(); 6 }) 7 .then(function(json) { 8 // do something with the result 9 console.log(json); 10 });
Example: Retry custom behavior
The retryOn option may also be specified as a function, in which case it will be supplied three arguments: attempt (starting at 0), error (in case of a network error), and response. Return a truthy value from this function in order to trigger a retry, any falsy value will result in the call to fetch either resolving (in case the last attempt resulted in a response), or rejecting (in case the last attempt resulted in an error).
1fetch(url, { 2 retryOn: function(attempt, error, response) { 3 // retry on any network error, or 4xx or 5xx status codes 4 if (error !== null || response.status >= 400) { 5 console.log(`retrying, attempt number ${attempt + 1}`); 6 return true; 7 } 8 }) 9 .then(function(response) { 10 return response.json(); 11 }).then(function(json) { 12 // do something with the result 13 console.log(json); 14 });
Example: Retry custom behavior with async
The retryOn option may also be used with async and await for calling asyncronous functions:
1fetch(url, { 2 retryOn: async function(attempt, error, response) { 3 if (attempt > 3) return false; 4 5 if (error !== null) { 6 var json = await response.json(); 7 if (json.property !== undefined) { 8 return true; 9 } 10 } 11 }) 12 .then(function(response) { 13 return response.json(); 14 }).then(function(json) { 15 // do something with the result 16 console.log(json); 17 });
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
dependency not pinned by hash detected -- score normalized to 2
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/node.js.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/jonbern/fetch-retry/node.js.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/node.js.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/jonbern/fetch-retry/node.js.yml/master?enable=pin
- Warn: npmCommand not pinned by hash: .github/workflows/node.js.yml:30
- Info: 0 out of 2 GitHub-owned GitHubAction dependencies pinned
- Info: 1 out of 2 npmCommand dependencies pinned
Reason
Found 5/19 approved changesets -- score normalized to 2
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/node.js.yml:1
- Info: no jobLevel write permissions found
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 17 are checked with a SAST tool
Reason
18 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
- Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
- Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-rv95-896h-c2vc
- Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx
- Warn: Project is vulnerable to: GHSA-4q6p-r6v2-jvc5
- Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55
- Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
- Warn: Project is vulnerable to: GHSA-rhx6-c78j-4q9w
- Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
- Warn: Project is vulnerable to: GHSA-76p7-773f-r4q5
- Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p
- Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
Score
2.8
/10
Last Scanned on 2025-07-14
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More