Gathering detailed insights and metrics for got-cjs
Gathering detailed insights and metrics for got-cjs
An action to release a CommonJS version of the popular library got, which is soon to be available only in an ESM format.
Installations
npm install got-cjsDeveloper Guide
BETA
Typescript
Yes
Module System
CommonJS
Min. Node Version
>=12
Node Version
16.18.0
NPM Version
8.19.2
Score
94.8
Supply Chain
99.6
Quality
75.2
Maintenance
100
Vulnerability
100
License
Releases
Unable to fetch releases
Languages
1
JavaScript
JavaScript (100%)
Developer
apify
Download Statistics
Total Downloads
7,263,763
Last Day
1,427
Last Week
40,589
Last Month
196,847
Last Year
3,062,510
GitHub Statistics
23 Stars
46 Commits
2 Forks
4 Watchers
2 Branches
23 Contributors
Updated on May 13, 2025
Bundle Size
130.92 kB
Minified
36.92 kB
Minified + Gzipped
Sponsor this package
Maintainers
1
Package Meta Information
Latest Version
12.5.4
Package Id
got-cjs@12.5.4
Unpacked Size
257.17 kB
Size
59.50 kB
File Count
45
NPM Version
8.19.2
Node Version
16.18.0
Total Downloads
Cumulative downloads
Total Downloads
7,263,763
Dependencies
12
Dev Dependencies
45
@hapi/bourne@sindresorhus/tsconfig@sinonjs/fake-timers@types/benchmark@types/express@types/node@types/pem@types/pify@types/readable-stream@types/request@types/sinon@types/sinonjs__fake-timers@types/tough-cookieavaaxiosbenchmarkbluebirdbody-parsercreate-certcreate-test-serverdel-clidelayexpressform-dataformdata-nodenocknode-fetchnpnycp-eventpempifyreadable-streamrequestsinonslow-streamtempythen-busboyto-readable-streamtough-cookiets-nodetype-festtypescriptxo@types/node-fetch
Sindre's open source work is supported by the community.
Special thanks to:
It’s 100% JavaScript, fully customizable, and developer-first.
Paperwork that makes the data work.
Easy APIs for paperwork. PDF generation, e-signature and embeddable no-code webforms.
The easiest way to build paperwork automation into your product.
The easiest way to build paperwork automation into your product.
Paperwork that makes the data work.
Easy APIs for paperwork. PDF generation, e-signature and embeddable no-code webforms.
The easiest way to build paperwork automation into your product.
The easiest way to build paperwork automation into your product.
Before Sizzy: web development is stressing you out, responsive design is hard, you have an overwhelming amount of opened tabs & apps.
After Sizzy: all the tools you need in one place, responsive design is a breeze, no more context switching.
After Sizzy: all the tools you need in one place, responsive design is a breeze, no more context switching.
Human-friendly and powerful HTTP request library for Node.js
See how Got compares to other HTTP libraries
For browser usage, we recommend Ky by the same people.
Support questions should be asked here.
Install
1npm install got
Warning: This package is native ESM and no longer provides a CommonJS export. If your project uses CommonJS, you'll have to convert to ESM or use the dynamic import() function. Please don't open issues for questions regarding CommonJS / ESM. You can also use Got v11 instead which is pretty stable. We will backport security fixes to v11 for the foreseeable future.
Take a peek
A quick start guide is available.
JSON mode
Got has a dedicated option for handling JSON payload.
Furthermore, the promise exposes a .json<T>() function that returns Promise<T>.
1import got from 'got'; 2 3const {data} = await got.post('https://httpbin.org/anything', { 4 json: { 5 hello: 'world' 6 } 7}).json(); 8 9console.log(data); 10//=> {"hello": "world"}
For advanced JSON usage, check out the parseJson and stringifyJson options.
For more useful tips like this, visit the Tips page.
Highlights
Documentation
By default, Got will retry on failure. To disable this option, set options.retry.limit to 0.
Main API
Timeouts and retries
Advanced creation
Cache, Proxy and UNIX sockets
Integration
Migration guides
Got plugins
got4aws- Got convenience wrapper to interact with AWS v4 signed APIsgh-got- Got convenience wrapper to interact with the GitHub APIgl-got- Got convenience wrapper to interact with the GitLab APIgotql- Got convenience wrapper to interact with GraphQL using JSON-parsed queries instead of stringsgot-fetch- Got with afetchinterfacegot-scraping- Got wrapper specifically designed for web scraping purposesgot-ssrf- Got wrapper to protect server-side requests against SSRF attacks
Legacy
- travis-got - Got convenience wrapper to interact with the Travis API
- graphql-got - Got convenience wrapper to interact with GraphQL
Comparison
got | request | node-fetch | ky | axios | superagent | |
|---|---|---|---|---|---|---|
| HTTP/2 support | :heavy_check_mark:¹ | :x: | :x: | :x: | :x: | :heavy_check_mark:** |
| Browser support | :x: | :x: | :heavy_check_mark:* | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: |
| Promise API | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: |
| Stream API | :heavy_check_mark: | :heavy_check_mark: | Node.js only | :x: | :x: | :heavy_check_mark: |
| Pagination API | :heavy_check_mark: | :x: | :x: | :x: | :x: | :x: |
| Request cancelation | :heavy_check_mark: | :x: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: |
| RFC compliant caching | :heavy_check_mark: | :x: | :x: | :x: | :x: | :x: |
| Cookies (out-of-box) | :heavy_check_mark: | :heavy_check_mark: | :x: | :x: | :x: | :x: |
| Follows redirects | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: |
| Retries on failure | :heavy_check_mark: | :x: | :x: | :heavy_check_mark: | :x: | :heavy_check_mark: |
| Progress events | :heavy_check_mark: | :x: | :x: | :heavy_check_mark:*** | Browser only | :heavy_check_mark: |
| Handles gzip/deflate | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: |
| Advanced timeouts | :heavy_check_mark: | :x: | :x: | :x: | :x: | :x: |
| Timings | :heavy_check_mark: | :heavy_check_mark: | :x: | :x: | :x: | :x: |
| Errors with metadata | :heavy_check_mark: | :x: | :x: | :heavy_check_mark: | :heavy_check_mark: | :x: |
| JSON mode | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: |
| Custom defaults | :heavy_check_mark: | :heavy_check_mark: | :x: | :heavy_check_mark: | :heavy_check_mark: | :x: |
| Composable | :heavy_check_mark: | :x: | :x: | :x: | :x: | :heavy_check_mark: |
| Hooks | :heavy_check_mark: | :x: | :x: | :heavy_check_mark: | :heavy_check_mark: | :x: |
| Issues open |  |  |  |  |  |  |
| Issues closed |  |  |  |  |  |  |
| Downloads |  |  |  |  |  |  |
| Coverage | TBD |  |  |  |  |  |
| Build |  |  |  |  |  |  |
| Bugs |  |  |  |  |  |  |
| Dependents | ||||||
| Install size | ||||||
| GitHub stars |  |  |  |  |  |  |
| TypeScript support | ||||||
| Last commit |  |  |  |  |  |  |
* It's almost API compatible with the browser fetch API.
** Need to switch the protocol manually. Doesn't accept PUSH streams and doesn't reuse HTTP/2 sessions.
*** Currently, only DownloadProgress event is supported, UploadProgress event is not supported.
¹ Requires Node.js 15.10.0 or above.
:sparkle: Almost-stable feature, but the API may change. Don't hesitate to try it out!
:grey_question: Feature in early stage of development. Very experimental.
Click here to see the install size of the Got dependencies.
Maintainers
 |  |
|---|---|
| Sindre Sorhus | Szymon Marczak |
Former
These amazing companies are using Got
|
|
|
|
|
|
|
|
|
|
|
|
Segment is a happy user of Got! Got powers the main backend API that our app talks to. It's used by our in-house RPC client that we use to communicate with all microservices.
Antora, a static site generator for creating documentation sites, uses Got to download the UI bundle. In Antora, the UI bundle (aka theme) is maintained as a separate project. That project exports the UI as a zip file we call the UI bundle. The main site generator downloads that UI from a URL using Got and streams it to vinyl-zip to extract the files. Those files go on to be used to create the HTML pages and supporting assets.
GetVoIP is happily using Got in production. One of the unique capabilities of Got is the ability to handle Unix sockets which enables us to build a full control interfaces for our docker stack.
We're using Got inside of Exoframe to handle all the communication between CLI and server. Exoframe is a self-hosted tool that allows simple one-command deployments using Docker.
Karaoke Mugen uses Got to fetch content updates from its online server.
Renovate uses Got, gh-got and gl-got to send millions of queries per day to GitHub, GitLab, npmjs, PyPi, Packagist, Docker Hub, Terraform, CircleCI, and more.
Resistbot uses Got to communicate from the API frontend where all correspondence ingresses to the officials lookup database in back.
Natural Cycles is using Got to communicate with all kinds of 3rd-party REST APIs (over 9000!).
Microlink is a cloud browser as an API service that uses Got widely as the main HTTP client, serving ~22M requests a month, every time a network call needs to be performed.
We’re using Got at Radity. Thanks for such an amazing work!
Got has been a crucial component of Apify's scraping for years. We use it to extract data from billions of web pages every month, and we really appreciate the powerful API and extensibility, which allowed us to build our own specialized HTTP client on top of Got. The support has always been stellar too.
For enterprise
Available as part of the Tidelift Subscription.
The maintainers of got and thousands of other packages are working with Tidelift to deliver commercial support and maintenance for the open source dependencies you use to build your applications. Save time, reduce risk, and improve code health, while paying the maintainers of the exact dependencies you use. Learn more.
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
no dangerous workflow patterns detected
Reason
0 existing vulnerabilities detected
Reason
Found 1/28 approved changesets -- score normalized to 0
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/apify/got-cjs/publish.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/apify/got-cjs/publish.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/apify/got-cjs/publish.yml/main?enable=pin
- Info: 0 out of 2 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 1 third-party GitHubAction dependencies pinned
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/publish.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
license file not detected
Details
- Warn: project does not have a license file
Reason
branch protection not enabled on development/release branches
Details
- Warn: 'allow deletion' enabled on branch 'main'
- Warn: 'force pushes' enabled on branch 'main'
- Warn: 'branch protection settings apply to administrators' is disabled on branch 'main'
- Warn: could not determine whether codeowners review is allowed
- Warn: no status checks found to merge onto branch 'main'
- Warn: PRs are not required to make changes on branch 'main'; or we don't have data to detect it.If you think it might be the latter, make sure to run Scorecard with a PAT or use Repo Rules (that are always public) instead of Branch Protection settings
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 4 are checked with a SAST tool
Score
3.1
/10
Last Scanned on 2025-06-30
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More