Gathering detailed insights and metrics for stream-orator
Gathering detailed insights and metrics for stream-orator
Gathering detailed insights and metrics for stream-orator
Gathering detailed insights and metrics for stream-orator
npm install stream-orator
Typescript
Module System
Node Version
NPM Version
TypeScript (48.06%)
JavaScript (46.69%)
HTML (5.25%)
Total Downloads
0
Last Day
0
Last Week
0
Last Month
0
Last Year
0
MIT License
1 Stars
146 Commits
2 Watchers
1 Branches
1 Contributors
Updated on Dec 08, 2024
Latest Version
0.0.25
Package Id
stream-orator@0.0.25
Unpacked Size
15.97 kB
Size
5.45 kB
File Count
6
NPM Version
10.8.2
Node Version
20.18.0
Published on
Dec 08, 2024
Cumulative downloads
Total Downloads
Last Day
0%
NaN
Compared to previous day
Last Week
0%
NaN
Compared to previous week
Last Month
0%
NaN
Compared to previous month
Last Year
0%
NaN
Compared to previous year
2
This package contains a utility function, streamOrator, that does a fetch and pipes the response to a DOM element.
Example:
1<details> 2 <summary>HTML Specs</summary> 3 <div id=test></div> 4</details> 5<script type=module> 6 import {streamOrator} from 'node_modules/stream-orator/StreamOrator.js'; 7 streamOrator('https://html.spec.whatwg.org/', {}, test); 8</script>
The second parameter is the reqInit object (fetch options).
What this does: It streams HTML directly from site: https://html.spec.whatwg.org/ to the div element with id test. The third parameter is expected to be a reference to an HTML Element (not a querySelector string).
So basically, streamOrator is the fetch function, with a third parameter that specifies the target.
This package is a core package that can enable us to to start simulating the power of an iframe, but within the context of our document.
The first obstacle to fully achieving this is adjusting the url's for things like hyperlinks, images, script references, etc.
The most effective utility stream-orator provides is an event to subscribe to, giving access to the root node used during the import (which might be newly constructed shadowRoot):
[TODO] provide an example.
There is an additional optional "options" parameter, where we can utilize shadowDOM and other special settings:
1<details> 2 <summary>HTML Specs</summary> 3 <div id=test></div> 4</details> 5<script type=module> 6 import {streamOrator} from '../StreamOrator.js'; 7 streamOrator('https://html.spec.whatwg.org/', {}, test, {shadowRoot: 'open', encoding: 'UTF-16'}); 8</script>
Many sites are not so enlightened as whatwg, and prevent cross origin requests from passing through.
There are various services that aim to provide a gateway into public sites, serving as a reverse proxy, which unfortunately seem to die at an alarming rate. One such service is corslet by yours truly:
1<details> 2 <summary>Supreme Court</summary> 3 <div id=test></div> 4</details> 5<script type=module> 6 import {streamOrator} from '../StreamOrator.js'; 7 streamOrator('https://corslet.bahrus.workers.dev/?href=https%3A%2F%2Fwww.supremecourt.gov%2Fabout%2Fmembers_text.aspx&lhs=%3Cdiv+id%3D%22pagemaindiv%22+class%3D%22col-md-9%22%3E&rhs=script&exclude_rhs=on&ts=2022-12-06T00%3A26%3A47.783Z&wrapper=%3Cdiv%3E%7C%3C%2Fdiv%3E&ua=', {}, test); 8</script>
If access to the stream chunks is needed, including modifying the chunks, a little more ceremony is needed:
1<details>
2 <summary>HTML Specs</summary>
3 <div id=test></div>
4</details>
5<script type=module>
6 import {StreamOrator} from '../stream-orator.js';
7 const so = new StreamOrator(target, {toShadow: true});
8 so.addEventListener('new-chunk', e => {
9 const chunk = e.detail.chunk;
10 //search for a string. If the first part of the string you
11 //are searching for is found at the end of the chunk,
12 //may need to ask the orator to wait before flushing to the stream.
13 e.detail.flush = false;
14 });
15 await so.fetch('https://html.spec.whatwg.org/', {}); //fetch is happening!
16</script>
npm install
npm run serve
1import 'stream-orator/StreamOrator.js'; 2
1import 'https://esm.run/stream-orator/StreamOrator.js'; 2
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
license file detected
Details
Reason
0 existing vulnerabilities detected
Reason
dependency not pinned by hash detected -- score normalized to 3
Details
Reason
Found 0/30 approved changesets -- score normalized to 0
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
detected GitHub workflow tokens with excessive permissions
Details
Reason
no SAST tool detected
Details
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
Reason
project is not fuzzed
Details
Reason
branch protection not enabled on development/release branches
Details
Score
Last Scanned on 2025-07-07
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More