Gathering detailed insights and metrics for nats
Gathering detailed insights and metrics for nats
Gathering detailed insights and metrics for nats
Gathering detailed insights and metrics for nats
node-nats-streaming
Node.js client for NATS Streaming, a lightweight, high-performance cloud native messaging system
natural-compare
Compare strings containing a mix of letters and numbers in the way a human being would in sort order.
ts-nats
Typescript Node.js client for NATS, a lightweight, high-performance cloud native messaging system
nats.ws
WebSocket NATS client
JavaScript client for Node.js, Bun, Deno and browser for NATS, the cloud native messaging system
npm install nats
Typescript
Module System
Min. Node Version
Node Version
NPM Version
97.2
Supply Chain
99.3
Quality
85.7
Maintenance
100
Vulnerability
100
License
Total
42,376,369
Last Day
9,410
Last Week
245,478
Last Month
1,072,212
Last Year
12,100,822
68 Stars
1,181 Commits
7 Forks
5 Watching
16 Branches
17 Contributors
Updated on 08 Dec 2024
Minified
Minified + Gzipped
TypeScript (95.63%)
JavaScript (4.32%)
Makefile (0.04%)
Dockerfile (0.02%)
Cumulative downloads
Total Downloads
Last day
-29.2%
9,410
Compared to previous day
Last week
-3.1%
245,478
Compared to previous week
Last month
12.7%
1,072,212
Compared to previous month
Last year
3.9%
12,100,822
Compared to previous year
1
7
A Node.js client for the NATS messaging system.
1npm install nats@latest
The nats.js@2.0.0 is not API compatible with previous versions of nats.js. For a migration guide, please see the migration guide.
This repository implements the Node.js transport of the client. This transport depends on a common module called the NATS Base Client which lives along the nats.deno. The NATS Base Client provides the same API and functionality across all JavaScript NATS clients supported by nats.io (nats.deno, nats.js and nats.ws).
While the best documentation is looking at code examples, you may want to browse the JSDoc documentation. The best entry point into the JS Doc is the NatsConnection all functionality starts with a connection.
To connect to a server you use the connect()
function. It returns a connection
that you can use to interact with the server. You can customize the behavior of
the client by specifying many ConnectionOptions
.
By default, a connection will attempt a connection on127.0.0.1:4222
. If the
connection is dropped, the client will attempt to reconnect. You can customize
the server you want to connect to by specifying port
(for local connections),
or full host port on the servers
option. Note that the servers
option can be
a single hostport (a string) or an array of hostports.
The example below will attempt to connect to different servers by specifying
different ConnectionOptions
. At least two of them should work if your internet
is working.
1import { connect } from "nats"; 2const servers = [ 3 {}, 4 { servers: ["demo.nats.io:4442", "demo.nats.io:4222"] }, 5 { servers: "demo.nats.io:4443" }, 6 { port: 4222 }, 7 { servers: "localhost" }, 8]; 9await servers.forEach(async (v) => { 10 try { 11 const nc = await connect(v); 12 console.log(`connected to ${nc.getServer()}`); 13 // this promise indicates the client closed 14 const done = nc.closed(); 15 // do something with the connection 16 17 // close the connection 18 await nc.close(); 19 // check if the close was OK 20 const err = await done; 21 if (err) { 22 console.log(`error closing:`, err); 23 } 24 } catch (err) { 25 console.log(`error connecting to ${JSON.stringify(v)}`); 26 } 27});
To disconnect from the nats-server, call close()
on the connection. A
connection can also be terminated when an unexpected error happens. For example,
the server returns a run-time error. In those cases, the client will re-initiate
a connection.
By default, the client will always attempt to reconnect if the connection is
closed for a reason other than calling close()
. To get notified when the
connection is closed for some reason, await the resolution of the Promise
returned by closed()
. If closed resolves to a value, the value is a
NatsError
indicating why the connection closed.
The basic client operations are publish
to send messages and subscribe
to
receive messages.
Messages are published to a subject. A subject is like a URL with the exception
that it doesn't specify an actual endpoint. All recipients that have expressed
interest in a subject will receive messages addressed to that subject (provided
they have access and permissions to get it). To express interest in a subject,
you create a subscription
.
In JavaScript clients (websocket, Deno, or Node) subscriptions work as an async iterator - clients simply loop to process messages as they become available.
NATS messages are payload agnostic. Payloads are Uint8Arrays
. You can easily
convert to and from JSON or strings by using JSONCodec
or StringCodec
, or a
custom Codec
.
To cancel a subscription and terminate your interest, you call unsubscribe()
or drain()
on a subscription. Unsubscribe will typically terminate regardless
of whether there are messages in flight for the client. Drain ensures that all
messages that are inflight are processed before canceling the subscription.
Connections can also be drained as well. Draining a connection closes it, after
all subscriptions have been drained and all outbound messages have been sent to
the server.
1import { connect, StringCodec } from "nats"; 2 3// to create a connection to a nats-server: 4const nc = await connect({ servers: "demo.nats.io:4222" }); 5 6// create a codec 7const sc = StringCodec(); 8// create a simple subscriber and iterate over messages 9// matching the subscription 10const sub = nc.subscribe("hello"); 11(async () => { 12 for await (const m of sub) { 13 console.log(`[${sub.getProcessed()}]: ${sc.decode(m.data)}`); 14 } 15 console.log("subscription closed"); 16})(); 17 18nc.publish("hello", sc.encode("world")); 19nc.publish("hello", sc.encode("again")); 20 21// we want to ensure that messages that are in flight 22// get processed, so we are going to drain the 23// connection. Drain is the same as close, but makes 24// sure that all messages in flight get seen 25// by the iterator. After calling drain on the connection 26// the connection closes. 27await nc.drain();
Subjects can be used to organize messages into hierarchies. For example, a subject may contain additional information that can be useful in providing a context to the message, such as the ID of the client that sent the message, or the region where a message originated.
Instead of subscribing to each specific subject, you can create subscriptions that have subjects with wildcards. Wildcards match one or more tokens in a subject. A token is a string following a period.
All subscriptions are independent. If two different subscriptions match a subject, both will get to process the message:
1import { connect, StringCodec } from "nats"; 2 3const nc = await connect({ servers: "demo.nats.io:4222" }); 4const sc = StringCodec(); 5 6// subscriptions can have wildcard subjects 7// the '*' matches any string in the specified token position 8const s1 = nc.subscribe("help.*.system"); 9const s2 = nc.subscribe("help.me.*"); 10// the '>' matches any tokens in that position or following 11// '>' can only be specified at the end of the subject 12const s3 = nc.subscribe("help.>"); 13 14async function printMsgs(s) { 15 let subj = s.getSubject(); 16 console.log(`listening for ${subj}`); 17 const c = 13 - subj.length; 18 const pad = "".padEnd(c); 19 for await (const m of s) { 20 console.log( 21 `[${subj}]${pad} #${s.getProcessed()} - ${m.subject} ${ 22 m.data ? " " + sc.decode(m.data) : "" 23 }`, 24 ); 25 } 26} 27 28printMsgs(s1); 29printMsgs(s2); 30printMsgs(s3); 31 32// don't exit until the client closes 33await nc.closed();
Request/Reply is NATS equivalent to an HTTP request. To make requests you
publish messages as you did before, but also specify a reply
subject. The
reply
subject is where a service will publish your response.
NATS provides syntactic sugar, for publishing requests. The request()
API will
generate a reply subject and manage the creation of a subscription under the
covers. It will also start a timer to ensure that if a response is not received
within your allotted time, the request fails. The example also illustrates a
graceful shutdown.
Here's an example of a service. It is a bit more complicated than expected simply to illustrate not only how to create responses, but how the subject itself is used to dispatch different behaviors.
1import { connect, StringCodec } from "nats"; 2 3// create a connection 4const nc = await connect({ servers: "demo.nats.io" }); 5 6// create a codec 7const sc = StringCodec(); 8 9// this subscription listens for `time` requests and returns the current time 10const subscription = nc.subscribe("time"); 11(async (sub) => { 12 console.log(`listening for ${sub.getSubject()} requests...`); 13 for await (const m of sub) { 14 if (m.respond(sc.encode(new Date().toISOString()))) { 15 console.info(`[time] handled #${sub.getProcessed()}`); 16 } else { 17 console.log(`[time] #${sub.getProcessed()} ignored - no reply subject`); 18 } 19 } 20 console.log(`subscription ${sub.getSubject()} drained.`); 21})(subscription); 22 23// this subscription listens for admin.uptime and admin.stop 24// requests to admin.uptime returns how long the service has been running 25// requests to admin.stop gracefully stop the client by draining 26// the connection 27const started = Date.now(); 28const msub = nc.subscribe("admin.*"); 29(async (sub) => { 30 console.log(`listening for ${sub.getSubject()} requests [uptime | stop]`); 31 // it would be very good to verify the origin of the request 32 // before implementing something that allows your service to be managed. 33 // NATS can limit which client can send or receive on what subjects. 34 for await (const m of sub) { 35 const chunks = m.subject.split("."); 36 console.info(`[admin] #${sub.getProcessed()} handling ${chunks[1]}`); 37 switch (chunks[1]) { 38 case "uptime": 39 // send the number of millis since up 40 m.respond(sc.encode(`${Date.now() - started}`)); 41 break; 42 case "stop": { 43 m.respond(sc.encode(`[admin] #${sub.getProcessed()} stopping....`)); 44 // gracefully shutdown 45 nc.drain() 46 .catch((err) => { 47 console.log("error draining", err); 48 }); 49 break; 50 } 51 default: 52 console.log( 53 `[admin] #${sub.getProcessed()} ignoring request for ${m.subject}`, 54 ); 55 } 56 } 57 console.log(`subscription ${sub.getSubject()} drained.`); 58})(msub); 59 60// wait for the client to close here. 61await nc.closed().then((err) => { 62 let m = `connection to ${nc.getServer()} closed`; 63 if (err) { 64 m = `${m} with an error: ${err.message}`; 65 } 66 console.log(m); 67});
Here's a simple example of a client making a simple request from the service above:
1import { connect, Empty, StringCodec } from "nats"; 2 3// create a connection 4const nc = await connect({ servers: "demo.nats.io:4222" }); 5 6// create an encoder 7const sc = StringCodec(); 8 9// the client makes a request and receives a promise for a message 10// by default the request times out after 1s (1000 millis) and has 11// no payload. 12await nc.request("time", Empty, { timeout: 1000 }) 13 .then((m) => { 14 console.log(`got response: ${sc.decode(m.data)}`); 15 }) 16 .catch((err) => { 17 console.log(`problem with request: ${err.message}`); 18 }); 19 20await nc.close();
Queue groups allow scaling of services horizontally. Subscriptions for members of a queue group are treated as a single service. When you send a message to a queue group subscription, only a single client in a queue group will receive it.
There can be any number of queue groups. Each group is treated as its own independent unit. Note that non-queue subscriptions are also independent of subscriptions in a queue group.
1import { 2 connect, 3 NatsConnection, 4 StringCodec, 5} from "nats"; 6 7async function createService( 8 name, 9 count = 1, 10 queue = "" 11): Promise { 12 const conns = []; 13 for (let i = 1; i <= count; i++) { 14 const n = queue ? `${name}-${i}` : name; 15 const nc = await connect( 16 { servers: "demo.nats.io:4222", name: `${n}` }, 17 ); 18 nc.closed() 19 .then((err) => { 20 if (err) { 21 console.error( 22 `service ${n} exited because of error: ${err.message}`, 23 ); 24 } 25 }); 26 // create a subscription - note the option for a queue, if set 27 // any client with the same queue will be a member of the group. 28 const sub = nc.subscribe("echo", { queue: queue }); 29 const _ = handleRequest(n, sub); 30 console.log(`${nc.options.name} is listening for 'echo' requests...`); 31 conns.push(nc); 32 } 33 return conns; 34} 35 36const sc = StringCodec(); 37 38// simple handler for service requests 39async function handleRequest(name, s) { 40 const p = 12 - name.length; 41 const pad = "".padEnd(p); 42 for await (const m of s) { 43 // respond returns true if the message had a reply subject, thus it could respond 44 if (m.respond(m.data)) { 45 console.log( 46 `[${name}]:${pad} #${s.getProcessed()} echoed ${sc.decode(m.data)}`, 47 ); 48 } else { 49 console.log( 50 `[${name}]:${pad} #${s.getProcessed()} ignoring request - no reply subject`, 51 ); 52 } 53 } 54} 55 56// let's create two queue groups and a standalone subscriber 57const conns = []; 58conns.push(...await createService("echo", 3, "echo")); 59conns.push(...await createService("other-echo", 2, "other-echo")); 60conns.push(...await createService("standalone")); 61 62const a: Promise<void | Error>[] = []; 63conns.forEach((c) => { 64 a.push(c.closed()); 65}); 66await Promise.all(a);
Run it and publish a request to the subject echo
to see what happens.
NATS headers are similar to HTTP headers. Headers are enabled automatically if the server supports them. Note that if you publish a message using headers, and the server doesn't support them, an Error is thrown. Also note that even if you are publishing a message with a header, it is possible for the recipient to not support them.
1import { connect, createInbox, Empty, headers } from "nats"; 2 3const nc = await connect( 4 { 5 servers: `demo.nats.io`, 6 }, 7); 8 9const subj = createInbox(); 10const sub = nc.subscribe(subj); 11(async () => { 12 for await (const m of sub) { 13 if (m.headers) { 14 for (const [key, value] of m.headers) { 15 console.log(`${key}=${value}`); 16 } 17 // reading/setting a header is not case sensitive 18 console.log("id", m.headers.get("id")); 19 } 20 } 21})().then(); 22 23// headers always have their names turned into a canonical mime header key 24// header names can be any printable ASCII character with the exception of `:`. 25// header values can be any ASCII character except `\r` or `\n`. 26// see https://www.ietf.org/rfc/rfc822.txt 27const h = headers(); 28h.append("id", "123456"); 29h.append("unix_time", Date.now().toString()); 30nc.publish(subj, Empty, { headers: h }); 31 32await nc.flush(); 33await nc.close();
Requests can fail for many reasons. A common reason for a failure is the lack of
interest in the subject. Typically, these surface as a timeout error. If the
server is enabled to use headers, it will also enable a no responders
feature.
If you send a request for which there's no interest, the request will be
immediately rejected:
1const nc = await connect({ 2 servers: `demo.nats.io`, 3}); 4 5try { 6 const m = await nc.request("hello.world"); 7 console.log(m.data); 8} catch (err) { 9 switch (err.code) { 10 case ErrorCode.NoResponders: 11 console.log("no one is listening to 'hello.world'"); 12 break; 13 case ErrorCode.Timeout: 14 console.log("someone is listening but didn't respond"); 15 break; 16 default: 17 console.log("request failed", err); 18 } 19} 20 21await nc.close();
NATS supports many different forms of authentication:
For user/password and token authentication, you can simply provide them as
ConnectionOptions
- see user
, pass
, token
. Internally these mechanisms
are implemented as an Authenticator
. An Authenticator
is simply a function
that handles the type of authentication specified.
Setting the user
/pass
or token
options, simply initializes an
Authenticator
and sets the username/password.
1// if the connection requires authentication, provide `user` and `pass` or 2// `token` options in the NatsConnectionOptions 3import { connect } from "nats"; 4 5const nc1 = await connect({ 6 servers: "127.0.0.1:4222", 7 user: "jenny", 8 pass: "867-5309", 9}); 10const nc2 = await connect({ port: 4222, token: "t0pS3cret!" });
NKEYs and JWT authentication are more complex, as they cryptographically respond to a server challenge.
Because NKEY and JWT authentication may require reading data from a file or an HTTP cookie, these forms of authentication will require a bit more from the developer to activate them. However, the work is related to accessing these resources varies depending on the platform.
After the credential artifacts are read, you can use one of these functions to
create the authenticator. You then simply assign it to the authenticator
property of the ConnectionOptions
:
nkeyAuthenticator(seed?: Uint8Array | (() => Uint8Array)): Authenticator
jwtAuthenticator(jwt: string | (() => string), seed?: Uint8Array | (()=> Uint8Array)): Authenticator
credsAuthenticator(creds: Uint8Array): Authenticator
The first two options provide the ability to specify functions that return the desired value. This enables dynamic environments such as a browser where values accessed by fetching a value from a cookie.
Here's an example:
1// read the creds file as necessary, in the case it 2// is part of the code for illustration purposes 3const creds = `-----BEGIN NATS USER JWT----- 4 eyJ0eXAiOiJqdSDJB.... 5 ------END NATS USER JWT------ 6 7************************* IMPORTANT ************************* 8 NKEY Seed printed below can be used sign and prove identity. 9 NKEYs are sensitive and should be treated as secrets. 10 11 -----BEGIN USER NKEY SEED----- 12 SUAIBDPBAUTW.... 13 ------END USER NKEY SEED------ 14`; 15 16const nc = await connect( 17 { 18 port: 4222, 19 authenticator: credsAuthenticator(new TextEncoder().encode(creds)), 20 }, 21);
The node client supports the ability to verify the tls connection if client certificates are specified as ConnectionOptions:
1tlsOptions = { 2 keyFile: "./test/certs/client-key.pem", 3 certFile: "./test/certs/client-cert.pem", 4 caFile: "./test/certs/ca.pem", 5}; 6nc = await connect({ tls: tlsOptions });
Flush sends a PING to the server. When the server responds with PONG you are
guaranteed that all pending data was sent and received by the server. Note
ping()
effectively adds a server round-trip. All NATS clients handle their
buffering optimally, so ping(): Promise<void>
shouldn't be used except in
cases where you are writing some sort of test.
1nc.publish("foo"); 2nc.publish("bar"); 3await nc.flush();
PublishOptions
When you publish a message you can specify some options:
reply
- this is a subject to receive a reply (you must set up a
subscription) before you publish.headers
- a set of headers to decorate the message.SubscriptionOptions
You can specify several options when creating a subscription:
max
: maximum number of messages to receive - auto unsubscribetimeout
: how long to wait for the first messagequeue
: the queue group name the subscriber belongs tocallback
: a function with the signature
(err: NatsError|null, msg: Msg) => void;
that should be used for handling
the message. Subscriptions with callbacks are NOT iterators.1// subscriptions can auto unsubscribe after a certain number of messages 2nc.subscribe("foo", { max: 10 });
1// create subscription with a timeout, if no message arrives 2// within the timeout, the function running the iterator with 3// reject - depending on how you code it, you may need a 4// try/catch block. 5const sub = nc.subscribe("hello", { timeout: 1000 }); 6(async () => { 7 for await (const m of sub) { 8 } 9})().catch((err) => { 10 if (err.code === ErrorCode.Timeout) { 11 console.log(`sub timed out!`); 12 } else { 13 console.log(`sub iterator got an error!`); 14 } 15});
RequestOptions
When making a request, there are several options you can pass:
timeout
: how long to wait for the responseheaders
: optional headers to include with the messagenoMux
: create a new subscription to handle the request. Normally a shared
subscription is used to receive response messages.reply
: optional subject where the reply should be sent.noMux
and reply
Under the hood, the request API simply uses a wildcard subscription to handle all requests you send.
In some cases, the default subscription strategy doesn't work correctly. For example, a client may be constrained by the subjects where it can receive replies.
When noMux
is set to true
, the client will create a normal subscription for
receiving the response to a generated inbox subject before the request is
published. The reply
option can be used to override the generated inbox
subject with an application provided one. Note that setting reply
requires
noMux
to be true
:
1const m = await nc.request( 2 "q", 3 Empty, 4 { reply: "bar", noMux: true, timeout: 1000 }, 5);
Draining provides for a graceful way to unsubscribe or close a connection without losing messages that have already been dispatched to the client.
You can drain a subscription or all subscriptions in a connection.
When you drain a subscription, the client sends an unsubscribe
protocol
message to the server followed by a flush
. The subscription handler is only
removed after the server responds. Thus, all pending messages for the
subscription have been processed.
Draining a connection, drains all subscriptions. However, when you drain the connection it becomes impossible to make new subscriptions or send new requests. After the last subscription is drained, it also becomes impossible to publish a message. These restrictions do not exist when just draining a subscription.
Clients can get notification on various event types:
Events.Disconnect
Events.Reconnect
Events.Update
Events.LDM
Events.Error
The first two fire when a client disconnects and reconnects respectively. The payload will be the server where the event took place.
The UPDATE
event notifies whenever the client receives a cluster configuration
update. The ServersChanged
interface provides two arrays: added
and
deleted
listing the servers that were added or removed.
The LDM
event notifies that the current server has signaled that it is running
in Lame Duck Mode and will evict clients. Depending on the server
configuration policy, the client may want to initiate an ordered shutdown, and
initiate a new connection to a different server in the cluster.
The ERROR
event notifies you of async errors that couldn't be routed in a more
precise way to your client. For example, permission errors for a subscription or
request, will properly be reported by the subscription or request. However,
permission errors on publish will be reported via the status mechanism.
1const nc = await connect(); 2(async () => { 3 console.info(`connected ${nc.getServer()}`); 4 for await (const s of nc.status()) { 5 console.info(`${s.type}: ${s.data}`); 6 } 7})().then(); 8 9nc.closed() 10 .then((err) => { 11 console.log( 12 `connection closed ${err ? " with error: " + err.message : ""}`, 13 ); 14 });
Be aware that when a client closes, you will need to wait for the closed()
promise to resolve. When it resolves, the client is done and will not reconnect.
Previous versions of the JavaScript NATS clients specified callbacks for message processing. This required complex handling logic when a service required coordination of operations. Callbacks are an inversion of control anti-pattern.
The async APIs trivialize complex coordination and makes your code easier to maintain. With that said, there are some implications:
In a traditional callback-based library, I/O happens after all data yielded by a read in the current event loop completes processing. This means that callbacks are invoked as part of processing. With async, the processing is queued in a microtask queue. At the end of the event loop, the runtime processes the microtasks, which in turn resumes your functions. As expected, this increases latency, but also provides additional liveliness.
To reduce async latency, the NATS client allows processing a subscription in the
same event loop that dispatched the message. Simply specify a callback
in the
subscription options. The signature for a callback is
(err: (NatsError|null), msg: Msg) => void
. When specified, the subscription
iterator will never yield a message, as the callback will intercept all
messages.
Note that callback
likely shouldn't even be documented, as likely it is a
workaround to an underlying application problem where you should be considering
a different strategy to horizontally scale your application, or reduce pressure
on the clients, such as using queue workers, or more explicitly targeting
messages. With that said, there are many situations where using callbacks can be
more performant or appropriate.
The following is the list of connection options and default values.
Option | Default | Description |
---|---|---|
authenticator | none | Specifies the authenticator function that sets the client credentials. |
debug | false | If true , the client prints protocol interactions to the console. Useful for debugging. |
ignoreClusterUpdates | false | If true the client will ignore any cluster updates provided by the server. |
ignoreAuthErrorAbort | false | Prevents client connection aborts if the client fails more than twice in a row with an authentication error |
inboxPrefix | "_INBOX" | Sets de prefix for automatically created inboxes - createInbox(prefix) |
maxPingOut | 2 | Max number of pings the client will allow unanswered before raising a stale connection error. |
maxReconnectAttempts | 10 | Sets the maximum number of reconnect attempts. The value of -1 specifies no limit. |
name | Optional client name - recommended to be set to a unique client name. | |
noAsyncTraces | false | When true the client will not add additional context to errors associated with request operations. Setting this option to true will greatly improve performance of request/reply and JetStream publishers. |
noEcho | false | Subscriptions receive messages published by the client. Requires server support (1.2.0). If set to true, and the server does not support the feature, an error with code NO_ECHO_NOT_SUPPORTED is emitted, and the connection is aborted. Note that it is possible for this error to be emitted on reconnect when the server reconnects to a server that does not support the feature. |
noRandomize | false | If set, the order of user-specified servers is randomized. |
resolve | If set to false, will not resolve host names. Note that by default it is set to true if the client supports resolution. It is an error to set it to true when not supported. | |
pass | Sets the password for a connection. | |
pedantic | false | Turns on strict subject format checks. |
pingInterval | 120000 | Number of milliseconds between client-sent pings. |
port | 4222 | Port to connect to (only used if servers is not specified). |
reconnect | true | If false, client will not attempt reconnecting. |
reconnectDelayHandler | Generated function | A function that returns the number of millis to wait before the next connection to a server it connected to ()=>number . |
reconnectJitter | 100 | Number of millis to randomize after reconnectTimeWait . |
reconnectJitterTLS | 1000 | Number of millis to randomize after reconnectTimeWait when TLS options are specified. |
reconnectTimeWait | 2000 | If disconnected, the client will wait the specified number of milliseconds between reconnect attempts. |
servers | "localhost:4222" | String or Array of hostport for servers. |
timeout | 20000 | Number of milliseconds the client will wait for a connection to be established. If it fails it will emit a connection_timeout event with a NatsError that provides the hostport of the server where the connection was attempted. |
tls | TlsOptions | A configuration object for requiring a TLS connection (not applicable to nats.ws). |
token | Sets a authorization token for a connection. | |
user | Sets the username for a connection. | |
verbose | false | Turns on +OK protocol acknowledgements. |
waitOnFirstConnect | false | If true the client will fall back to a reconnect mode if it fails its first connection attempt. |
Option | Default | Description |
---|---|---|
caFile | CA certificate filepath | |
ca | CA certificate | |
certFile | Client certificate file path | |
cert | Client certificate | |
keyFile | Client key file path | |
key | Client key | |
handshakeFirst | false | Connects to the server directly as TLS rather than upgrade the connection. Note that the server must be configured accordingly. |
In some Node and Deno clients, having the option set to an empty option, requires the client have a secured connection.
The settings reconnectTimeWait
, reconnectJitter
, reconnectJitterTLS
,
reconnectDelayHandler
are all related. They control how long before the NATS
client attempts to reconnect to a server it has previously connected.
The intention of the settings is to spread out the number of clients attempting to reconnect to a server over a period of time, and thus preventing a "Thundering Herd".
The relationship between these are:
reconnectDelayHandler
is specified, the client will wait the value
returned by this function. No other value will be taken into account.reconnectJitterTLS
and add it to reconnectTimeWait
.reconnectJitter
and add it to reconnectTimeWait
.JetStream is the NATS persistence engine providing streaming, message, and worker queues with At-Least-Once semantics. Support for JetStream is built-in.
The service API allows you to easily build NATS services The services API is currently in beta functionality.
The library shares client functionality with
NATS.deno. This means that both the
NATS.deno and NATS.js use the same exact code base, only differing on the
implementation of the Transport
. This strategy greatly reduces the amount of
work required to develop and maintain the clients, as well as provide a
completely compatible API across all clients.
Currently, the base client implementation is the deno implementation. You can take a look at it here.
Our support policy for Nodejs versions follows Nodejs release support. We will support and build node-nats on even-numbered Nodejs versions that are current or in LTS.
Stable Version
1
0/10
Summary
Client TLS credentials sent raw to server in npm package nats
Affected Versions
>= 2.0.0-201, <= 2.0.0-208
Patched Versions
2.0.0-209
1
7.5/10
Summary
Sensitive data exposure in NATS
Affected Versions
>= 2.0.0-201, <= 2.0.0-206
Patched Versions
2.0.0-209
Reason
30 commit(s) and 21 issue activity found in the last 90 days -- score normalized to 10
Reason
no dangerous workflow patterns detected
Reason
license file detected
Details
Reason
no binaries found in the repo
Reason
0 existing vulnerabilities detected
Reason
Found 28/30 approved changesets -- score normalized to 9
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
detected GitHub workflow tokens with excessive permissions
Details
Reason
security policy file not detected
Details
Reason
project is not fuzzed
Details
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
Score
Last Scanned on 2024-12-02
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More