Installations
npm install get-uriDeveloper Guide
Typescript
Yes
Module System
CommonJS
Min. Node Version
>= 14
Node Version
20.18.1
NPM Version
10.8.2
Score
97.9
Supply Chain
99.5
Quality
80.2
Maintenance
100
Vulnerability
100
License
Releases
agent-base@7.1.3
Published on 08 Dec 2024
socks-proxy-agent@8.0.5
Published on 07 Dec 2024
proxy-agent@6.5.0
Published on 07 Dec 2024
pac-proxy-agent@7.1.0
Published on 07 Dec 2024
https-proxy-agent@7.0.6
Published on 07 Dec 2024
agent-base@7.1.2
Published on 07 Dec 2024
Contributors
Unable to fetch Contributors
Languages
TypeScript (93.55%)
JavaScript (6.45%)
Developer
Download Statistics
Total Downloads
1,409,052,231
Last Day
829,306
Last Week
4,985,813
Last Month
37,259,687
Last Year
418,744,268
GitHub Statistics
971 Stars
295 Commits
248 Forks
19 Watching
3 Branches
39 Contributors
Bundle Size
41.65 kB
Minified
13.11 kB
Minified + Gzipped
Maintainers
Package Meta Information
Latest Version
6.0.4
Package Id
get-uri@6.0.4
Unpacked Size
43.11 kB
Size
12.81 kB
File Count
31
NPM Version
10.8.2
Node Version
20.18.1
Publised On
03 Dec 2024
Total Downloads
Cumulative downloads
Total Downloads
1,409,052,231
Last day
-7.9%
829,306
Compared to previous day
Last week
-40.5%
4,985,813
Compared to previous week
Last month
-2.8%
37,259,687
Compared to previous month
Last year
21%
418,744,268
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
3
get-uri
Returns a stream.Readable from a URI string
This high-level module accepts a URI string and returns a Readable stream
instance. There is built-in support for a variety of "protocols", and it's
easily extensible with more:
| Protocol | Description | Example |
|---|---|---|
data | Data URIs | data:text/plain;base64,SGVsbG8sIFdvcmxkIQ%3D%3D |
file | File URIs | file:///c:/windows/example.ini |
ftp | FTP URIs | ftp://ftp.kernel.org/pub/site/README |
http | HTTP URIs | http://www.example.com/path/to/name |
https | HTTPS URIs | https://www.example.com/path/to/name |
Example
To simply get a stream.Readable instance from a file: URI, try something like:
1import { getUri } from 'get-uri'; 2 3// `file:` maps to a `fs.ReadStream` instance… 4const stream = await getUri('file:///Users/nrajlich/wat.json'); 5stream.pipe(process.stdout);
Missing Endpoints
When you pass in a URI in which the resource referenced does not exist on the
destination server, then a NotFoundError will be thrown. The code of the
error instance is set to "ENOTFOUND", so you can check for that value
to detect when a bad filename is requested:
1try {
2 await getUri('http://example.com/resource.json');
3} catch (err) {
4 if (err.code === 'ENOTFOUND') {
5 // bad file path requested
6 } else {
7 // something else bad happened...
8 throw err;
9 }
10}Cacheability
When calling getUri() with the same URI multiple times, the get-uri module
supports sending an indicator that the remote resource has not been modified
since the last time it has been retrieved from that node process.
To do this, define a cache property on the "options object" argument
with the value set to the stream.Readable instance that was previously
returned. If the remote resource has not been changed since the last call for
that same URI, then a NotModifiedError instance will be thrown with its
code property set to "ENOTMODIFIED".
When the "ENOTMODIFIED" error occurs, then you can safely re-use the
results from the previous getUri() call for that same URI:
1// First time fetches for real
2const stream = await getUri('http://example.com/resource.json');
3
4try {
5 // … some time later, if you need to get this same URI again, pass in the
6 // previous `stream.Readable` instance as `cache` option to potentially
7 // have an "ENOTMODIFIED" error thrown:
8 await getUri('http://example.com/resource.json', { cache: stream });
9} catch (err) {
10 if (err.code === 'ENOTMODIFIED') {
11 // source file has not been modified since last time it was requested,
12 // so you are expected to re-use results from a previous call to `getUri()`
13 } else {
14 // something else bad happened...
15 throw err;
16 }
17}API
getUri(uri: string | URL, options?: Object]): Promise
A uri is required. An optional options object may be passed in:
cache- Astream.Readableinstance from a previous call togetUri()with the same URI. If this option is passed in, and the destination endpoint has not been modified, then anENOTMODIFIEDerror is thrown
Any other options passed in to the options object will be passed through
to the low-level connection creation functions (http.get(), ftp.connect(),
etc).
Returns a stream.Readable instance to read the resource at the given uri.
No vulnerabilities found.
Reason
16 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
Found 14/23 approved changesets -- score normalized to 6
Reason
7 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-6cpc-mj5c-m9rq
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/TooTallNate/proxy-agents/release.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/TooTallNate/proxy-agents/release.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/TooTallNate/proxy-agents/release.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/TooTallNate/proxy-agents/release.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/TooTallNate/proxy-agents/test.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/TooTallNate/proxy-agents/test.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/TooTallNate/proxy-agents/test.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/TooTallNate/proxy-agents/test.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/TooTallNate/proxy-agents/test.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/TooTallNate/proxy-agents/test.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:119: update your workflow using https://app.stepsecurity.io/secureworkflow/TooTallNate/proxy-agents/test.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:122: update your workflow using https://app.stepsecurity.io/secureworkflow/TooTallNate/proxy-agents/test.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:127: update your workflow using https://app.stepsecurity.io/secureworkflow/TooTallNate/proxy-agents/test.yml/main?enable=pin
- Info: 0 out of 8 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 5 third-party GitHubAction dependencies pinned
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/release.yml:1
- Warn: no topLevel permission defined: .github/workflows/test.yml:1
- Info: no jobLevel write permissions found
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
license file not detected
Details
- Warn: project does not have a license file
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 29 are checked with a SAST tool
Score
4.4
/10
Last Scanned on 2025-01-13
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More