Gathering detailed insights and metrics for simple-get
Gathering detailed insights and metrics for simple-get
Simplest way to make http get requests. Supports HTTPS, redirects, gzip/deflate, streams in < 100 lines
Installations
npm install simple-getDeveloper Guide
BETA
Typescript
No
Module System
CommonJS, UMD
Node Version
17.3.0
NPM Version
8.3.0
Releases
Unable to fetch releases
Languages
1
JavaScript
JavaScript (100%)
Developer
feross
Download Statistics
Total Downloads
1,674,389,443
Last Day
1,857,715
Last Week
11,186,377
Last Month
46,419,905
Last Year
481,348,694
GitHub Statistics
MIT License
403 Stars
196 Commits
50 Forks
13 Watchers
11 Branches
17 Contributors
Updated on Mar 28, 2025
Bundle Size
3.52 kB
Minified
1.46 kB
Minified + Gzipped
Sponsor this package
Maintainers
1
Package Meta Information
Latest Version
4.0.1
Package Id
simple-get@4.0.1
Unpacked Size
14.62 kB
Size
5.40 kB
File Count
6
NPM Version
8.3.0
Node Version
17.3.0
Total Downloads
Cumulative downloads
Total Downloads
1,674,389,443
Last Day
18.8%
1,857,715
Compared to previous day
Last Week
11%
11,186,377
Compared to previous week
Last Month
-1.5%
46,419,905
Compared to previous month
Last Year
28.5%
481,348,694
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
3
Dev Dependencies
4
simple-get 
Simplest way to make http get requests
features
This module is the lightest possible wrapper on top of node.js http, but supporting these essential features:
- follows redirects
- automatically handles gzip/deflate responses
- supports HTTPS
- supports specifying a timeout
- supports convenience
urlkey so there's no need to useurl.parseon the url when specifying options - composes well with npm packages for features like cookies, proxies, form data, & OAuth
All this in < 100 lines of code.
install
npm install simple-get
usage
Note, all these examples also work in the browser with browserify.
simple GET request
Doesn't get easier than this:
1const get = require('simple-get') 2 3get('http://example.com', function (err, res) { 4 if (err) throw err 5 console.log(res.statusCode) // 200 6 res.pipe(process.stdout) // `res` is a stream 7})
even simpler GET request
If you just want the data, and don't want to deal with streams:
1const get = require('simple-get') 2 3get.concat('http://example.com', function (err, res, data) { 4 if (err) throw err 5 console.log(res.statusCode) // 200 6 console.log(data) // Buffer('this is the server response') 7})
POST, PUT, PATCH, HEAD, DELETE support
For POST, call get.post or use option { method: 'POST' }.
1const get = require('simple-get') 2 3const opts = { 4 url: 'http://example.com', 5 body: 'this is the POST body' 6} 7get.post(opts, function (err, res) { 8 if (err) throw err 9 res.pipe(process.stdout) // `res` is a stream 10})
A more complex example:
1const get = require('simple-get') 2 3get({ 4 url: 'http://example.com', 5 method: 'POST', 6 body: 'this is the POST body', 7 8 // simple-get accepts all options that node.js `http` accepts 9 // See: http://nodejs.org/api/http.html#http_http_request_options_callback 10 headers: { 11 'user-agent': 'my cool app' 12 } 13}, function (err, res) { 14 if (err) throw err 15 16 // All properties/methods from http.IncomingResponse are available, 17 // even if a gunzip/inflate transform stream was returned. 18 // See: http://nodejs.org/api/http.html#http_http_incomingmessage 19 res.setTimeout(10000) 20 console.log(res.headers) 21 22 res.on('data', function (chunk) { 23 // `chunk` is the decoded response, after it's been gunzipped or inflated 24 // (if applicable) 25 console.log('got a chunk of the response: ' + chunk) 26 })) 27 28})
JSON
You can serialize/deserialize request and response with JSON:
1const get = require('simple-get') 2 3const opts = { 4 method: 'POST', 5 url: 'http://example.com', 6 body: { 7 key: 'value' 8 }, 9 json: true 10} 11get.concat(opts, function (err, res, data) { 12 if (err) throw err 13 console.log(data.key) // `data` is an object 14})
Timeout
You can set a timeout (in milliseconds) on the request with the timeout option.
If the request takes longer than timeout to complete, then the entire request
will fail with an Error.
1const get = require('simple-get') 2 3const opts = { 4 url: 'http://example.com', 5 timeout: 2000 // 2 second timeout 6} 7 8get(opts, function (err, res) {})
One Quick Tip
It's a good idea to set the 'user-agent' header so the provider can more easily
see how their resource is used.
1const get = require('simple-get') 2const pkg = require('./package.json') 3 4get('http://example.com', { 5 headers: { 6 'user-agent': `my-module/${pkg.version} (https://github.com/username/my-module)` 7 } 8})
Proxies
You can use the tunnel module with the
agent option to work with proxies:
1const get = require('simple-get') 2const tunnel = require('tunnel') 3 4const opts = { 5 url: 'http://example.com', 6 agent: tunnel.httpOverHttp({ 7 proxy: { 8 host: 'localhost' 9 } 10 }) 11} 12 13get(opts, function (err, res) {})
Cookies
You can use the cookie module to include
cookies in a request:
1const get = require('simple-get') 2const cookie = require('cookie') 3 4const opts = { 5 url: 'http://example.com', 6 headers: { 7 cookie: cookie.serialize('foo', 'bar') 8 } 9} 10 11get(opts, function (err, res) {})
Form data
You can use the form-data module to
create POST request with form data:
1const fs = require('fs') 2const get = require('simple-get') 3const FormData = require('form-data') 4const form = new FormData() 5 6form.append('my_file', fs.createReadStream('/foo/bar.jpg')) 7 8const opts = { 9 url: 'http://example.com', 10 body: form 11} 12 13get.post(opts, function (err, res) {})
Or, include application/x-www-form-urlencoded form data manually:
1const get = require('simple-get') 2 3const opts = { 4 url: 'http://example.com', 5 form: { 6 key: 'value' 7 } 8} 9get.post(opts, function (err, res) {})
Specifically disallowing redirects
1const get = require('simple-get') 2 3const opts = { 4 url: 'http://example.com/will-redirect-elsewhere', 5 followRedirects: false 6} 7// res.statusCode will be 301, no error thrown 8get(opts, function (err, res) {})
Basic Auth
1const user = 'someuser' 2const pass = 'pa$$word' 3const encodedAuth = Buffer.from(`${user}:${pass}`).toString('base64') 4 5get('http://example.com', { 6 headers: { 7 authorization: `Basic ${encodedAuth}` 8 } 9})
OAuth
You can use the oauth-1.0a module to create
a signed OAuth request:
1const get = require('simple-get') 2const crypto = require('crypto') 3const OAuth = require('oauth-1.0a') 4 5const oauth = OAuth({ 6 consumer: { 7 key: process.env.CONSUMER_KEY, 8 secret: process.env.CONSUMER_SECRET 9 }, 10 signature_method: 'HMAC-SHA1', 11 hash_function: (baseString, key) => crypto.createHmac('sha1', key).update(baseString).digest('base64') 12}) 13 14const token = { 15 key: process.env.ACCESS_TOKEN, 16 secret: process.env.ACCESS_TOKEN_SECRET 17} 18 19const url = 'https://api.twitter.com/1.1/statuses/home_timeline.json' 20 21const opts = { 22 url: url, 23 headers: oauth.toHeader(oauth.authorize({url, method: 'GET'}, token)), 24 json: true 25} 26 27get(opts, function (err, res) {})
Throttle requests
You can use limiter to throttle requests. This is useful when calling an API that is rate limited.
1const simpleGet = require('simple-get') 2const RateLimiter = require('limiter').RateLimiter 3const limiter = new RateLimiter(1, 'second') 4 5const get = (opts, cb) => limiter.removeTokens(1, () => simpleGet(opts, cb)) 6get.concat = (opts, cb) => limiter.removeTokens(1, () => simpleGet.concat(opts, cb)) 7 8var opts = { 9 url: 'http://example.com' 10} 11 12get.concat(opts, processResult) 13get.concat(opts, processResult) 14 15function processResult (err, res, data) { 16 if (err) throw err 17 console.log(data.toString()) 18}
license
MIT. Copyright (c) Feross Aboukhadijeh.
High
7.5/10
Summary
Exposure of Sensitive Information in simple-get
Affected Versions
< 2.8.2
Patched Versions
2.8.2
High
7.5/10
Summary
Exposure of Sensitive Information in simple-get
Affected Versions
>= 3.0.0, < 3.1.1
Patched Versions
3.1.1
High
7.5/10
Summary
Exposure of Sensitive Information in simple-get
Affected Versions
= 4.0.0
Patched Versions
4.0.1
Reason
no binaries found in the repo
Reason
no dangerous workflow patterns detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
0 existing vulnerabilities detected
Reason
Found 2/15 approved changesets -- score normalized to 1
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/feross/simple-get/ci.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/feross/simple-get/ci.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/feross/simple-get/test.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/feross/simple-get/test.yml/master?enable=pin
- Warn: npmCommand not pinned by hash: .github/workflows/ci.yml:22
- Warn: npmCommand not pinned by hash: .github/workflows/test.yml:23
- Info: 0 out of 4 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 2 npmCommand dependencies pinned
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/ci.yml:1
- Warn: no topLevel permission defined: .github/workflows/test.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 19 are checked with a SAST tool
Score
3.9
/10
Last Scanned on 2025-05-05
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More