promptgraph-mcp 2.4.7 → 2.4.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +3 -6
- package/ann.js +23 -51
- package/api.js +200 -0
- package/config.js +7 -0
- package/db.js +20 -0
- package/embedder.js +10 -0
- package/github-import.js +102 -22
- package/indexer.js +45 -11
- package/marketplace.js +47 -5
- package/package.json +9 -3
- package/search.js +84 -20
- package/src/filter/hard-filter.js +2 -0
- package/src/filter/train.js +3 -1
- package/src/store/flat-store.js +61 -0
- package/src/store/hnsw-store.js +187 -0
- package/src/store/index.js +19 -0
- package/src/store/vector-store.js +9 -0
- package/validator.js +7 -1
- package/registry/training/bad/accepts-HISTORY.md +0 -250
- package/registry/training/bad/argparse-CHANGELOG.md +0 -185
- package/registry/training/bad/balanced-match-LICENSE.md +0 -23
- package/registry/training/bad/better-sqlite3-README.md +0 -99
- package/registry/training/bad/bindings-LICENSE.md +0 -22
- package/registry/training/bad/bl-LICENSE.md +0 -13
- package/registry/training/bad/body-parser-README.md +0 -494
- package/registry/training/bad/bytes-HISTORY.md +0 -97
- package/registry/training/bad/camelcase-README.md +0 -135
- package/registry/training/bad/chai-README.md +0 -162
- package/registry/training/bad/cli-progress-LICENSE.md +0 -24
- package/registry/training/bad/content-type-HISTORY.md +0 -29
- package/registry/training/bad/cookie-SECURITY.md +0 -25
- package/registry/training/bad/cookie-signature-HISTORY.md +0 -70
- package/registry/training/bad/cors-README.md +0 -277
- package/registry/training/bad/cross-spawn-README.md +0 -89
- package/registry/training/bad/deep-extend-CHANGELOG.md +0 -46
- package/registry/training/bad/depd-HISTORY.md +0 -103
- package/registry/training/bad/esprima-README.md +0 -46
- package/registry/training/bad/etag-HISTORY.md +0 -83
- package/registry/training/bad/expect-type-SECURITY.md +0 -14
- package/registry/training/bad/finalhandler-HISTORY.md +0 -239
- package/registry/training/bad/fresh-HISTORY.md +0 -80
- package/registry/training/bad/glob-LICENSE.md +0 -63
- package/registry/training/bad/hono-README.md +0 -85
- package/registry/training/bad/http-errors-HISTORY.md +0 -186
- package/registry/training/bad/jose-LICENSE.md +0 -21
- package/registry/training/bad/jose-README.md +0 -153
- package/registry/training/bad/js-yaml-README.md +0 -299
- package/registry/training/bad/json-schema-typed-LICENSE.md +0 -57
- package/registry/training/bad/json-stringify-safe-CHANGELOG.md +0 -14
- package/registry/training/bad/lru-cache-LICENSE.md +0 -55
- package/registry/training/bad/media-typer-HISTORY.md +0 -50
- package/registry/training/bad/minimatch-LICENSE.md +0 -55
- package/registry/training/bad/minimist-CHANGELOG.md +0 -298
- package/registry/training/bad/minimist-README.md +0 -121
- package/registry/training/bad/ms-LICENSE.md +0 -21
- package/registry/training/bad/negotiator-HISTORY.md +0 -114
- package/registry/training/bad/on-finished-HISTORY.md +0 -98
- package/registry/training/bad/pkce-challenge-CHANGELOG.md +0 -114
- package/registry/training/bad/postcss-README.md +0 -28
- package/registry/training/bad/prebuild-install-CHANGELOG.md +0 -131
- package/registry/training/bad/proxy-addr-HISTORY.md +0 -161
- package/registry/training/bad/qs-CHANGELOG.md +0 -822
- package/registry/training/bad/rc-README.md +0 -227
- package/registry/training/bad/readable-stream-CONTRIBUTING.md +0 -38
- package/registry/training/bad/router-HISTORY.md +0 -228
- package/registry/training/bad/semver-README.md +0 -680
- package/registry/training/bad/send-README.md +0 -317
- package/registry/training/bad/serve-static-README.md +0 -253
- package/registry/training/bad/statuses-HISTORY.md +0 -87
- package/registry/training/bad/type-is-HISTORY.md +0 -292
- package/registry/training/bad/vary-HISTORY.md +0 -39
- package/registry/training/bad/vite-LICENSE.md +0 -2230
- package/registry/training/bad/which-CHANGELOG.md +0 -166
- package/registry/training/bad/zod-README.md +0 -191
- package/registry/training/good/skills-store-autopilot.md +0 -85
- package/registry/training/good/skills-store-bot-builder.md +0 -70
- package/registry/training/good/skills-store-chain.md +0 -136
- package/registry/training/good/skills-store-evolve.md +0 -100
- package/registry/training/good/skills-store-game.md +0 -27
- package/registry/training/good/skills-store-hunt.md +0 -102
- package/registry/training/good/skills-store-intel.md +0 -56
- package/registry/training/good/skills-store-memory-gc.md +0 -58
- package/registry/training/good/skills-store-pcsort.md +0 -207
- package/registry/training/good/skills-store-pickup.md +0 -60
- package/registry/training/good/skills-store-recon.md +0 -141
- package/registry/training/good/skills-store-remember.md +0 -64
- package/registry/training/good/skills-store-report.md +0 -117
- package/registry/training/good/skills-store-router.md +0 -225
- package/registry/training/good/skills-store-search.md +0 -168
- package/registry/training/good/skills-store-surface.md +0 -53
- package/registry/training/good/skills-store-token-scan.md +0 -141
- package/registry/training/good/skills-store-triage.md +0 -97
- package/registry/training/good/skills-store-unity.md +0 -733
- package/registry/training/good/skills-store-validate.md +0 -135
- package/registry/training/good/skills-store-web3-audit.md +0 -217
|
@@ -1,99 +0,0 @@
|
|
|
1
|
-
# better-sqlite3 [](https://github.com/JoshuaWise/better-sqlite3/actions/workflows/build.yml?query=branch%3Amaster)
|
|
2
|
-
|
|
3
|
-
The fastest and simplest library for SQLite in Node.js.
|
|
4
|
-
|
|
5
|
-
- Full transaction support
|
|
6
|
-
- High performance, efficiency, and safety
|
|
7
|
-
- Easy-to-use synchronous API *(better concurrency than an asynchronous API... yes, you read that correctly)*
|
|
8
|
-
- Support for user-defined functions, aggregates, virtual tables, and extensions
|
|
9
|
-
- 64-bit integers *(invisible until you need them)*
|
|
10
|
-
- Worker thread support *(for large/slow queries)*
|
|
11
|
-
|
|
12
|
-
## Help this project stay strong! 💪
|
|
13
|
-
|
|
14
|
-
`better-sqlite3` is used by thousands of developers and engineers on a daily basis. Long nights and weekends were spent keeping this project strong and dependable, with no ask for compensation or funding, until now. If your company uses `better-sqlite3`, ask your manager to consider supporting the project:
|
|
15
|
-
|
|
16
|
-
- [Become a GitHub sponsor](https://github.com/sponsors/JoshuaWise)
|
|
17
|
-
- [Become a backer on Patreon](https://www.patreon.com/joshuawise)
|
|
18
|
-
- [Make a one-time donation on PayPal](https://www.paypal.me/joshuathomaswise)
|
|
19
|
-
|
|
20
|
-
## How other libraries compare
|
|
21
|
-
|
|
22
|
-
| |select 1 row `get()` |select 100 rows `all()` |select 100 rows `iterate()` 1-by-1|insert 1 row `run()`|insert 100 rows in a transaction|
|
|
23
|
-
|---|---|---|---|---|---|
|
|
24
|
-
|better-sqlite3|1x|1x|1x|1x|1x|
|
|
25
|
-
|[sqlite](https://www.npmjs.com/package/sqlite) and [sqlite3](https://www.npmjs.com/package/sqlite3)|11.7x slower|2.9x slower|24.4x slower|2.8x slower|15.6x slower|
|
|
26
|
-
|
|
27
|
-
> You can verify these results by [running the benchmark yourself](./docs/benchmark.md).
|
|
28
|
-
|
|
29
|
-
## Installation
|
|
30
|
-
|
|
31
|
-
```bash
|
|
32
|
-
npm install better-sqlite3
|
|
33
|
-
```
|
|
34
|
-
|
|
35
|
-
> Requires a [currently supported Node.js](https://nodejs.org/en/about/previous-releases) version. Prebuilt binaries are available for [LTS versions](https://nodejs.org/en/about/previous-releases). If you have trouble installing, check the [troubleshooting guide](./docs/troubleshooting.md).
|
|
36
|
-
|
|
37
|
-
## Usage
|
|
38
|
-
|
|
39
|
-
```js
|
|
40
|
-
const db = require('better-sqlite3')('foobar.db', options);
|
|
41
|
-
|
|
42
|
-
const row = db.prepare('SELECT * FROM users WHERE id = ?').get(userId);
|
|
43
|
-
console.log(row.firstName, row.lastName, row.email);
|
|
44
|
-
```
|
|
45
|
-
|
|
46
|
-
Though not required, [it is generally important to set the WAL pragma for performance reasons](https://github.com/WiseLibs/better-sqlite3/blob/master/docs/performance.md).
|
|
47
|
-
|
|
48
|
-
```js
|
|
49
|
-
db.pragma('journal_mode = WAL');
|
|
50
|
-
```
|
|
51
|
-
|
|
52
|
-
##### In ES6 module notation:
|
|
53
|
-
|
|
54
|
-
```js
|
|
55
|
-
import Database from 'better-sqlite3';
|
|
56
|
-
const db = new Database('foobar.db', options);
|
|
57
|
-
db.pragma('journal_mode = WAL');
|
|
58
|
-
```
|
|
59
|
-
|
|
60
|
-
## Why should I use this instead of [node-sqlite3](https://github.com/mapbox/node-sqlite3)?
|
|
61
|
-
|
|
62
|
-
- `node-sqlite3` uses asynchronous APIs for tasks that are either CPU-bound or serialized. That's not only bad design, but it wastes tons of resources. It also causes [mutex thrashing](https://en.wikipedia.org/wiki/Resource_contention) which has devastating effects on performance.
|
|
63
|
-
- `node-sqlite3` exposes low-level (C language) memory management functions. `better-sqlite3` does it the JavaScript way, allowing the garbage collector to worry about memory management.
|
|
64
|
-
- `better-sqlite3` is simpler to use, and it provides nice utilities for some operations that are very difficult or impossible in `node-sqlite3`.
|
|
65
|
-
- `better-sqlite3` is much faster than `node-sqlite3` in most cases, and just as fast in all other cases.
|
|
66
|
-
|
|
67
|
-
#### When is this library not appropriate?
|
|
68
|
-
|
|
69
|
-
In most cases, if you're attempting something that cannot be reasonably accomplished with `better-sqlite3`, it probably cannot be reasonably accomplished with SQLite in general. For example, if you're executing queries that take one second to complete, and you expect to have many concurrent users executing those queries, no amount of asynchronicity will save you from SQLite's serialized nature. Fortunately, SQLite is very *very* fast. With proper indexing, we've been able to achieve upward of 2000 queries per second with 5-way-joins in a 60 GB database, where each query was handling 5–50 kilobytes of real data.
|
|
70
|
-
|
|
71
|
-
If you have a performance problem, the most likely causes are inefficient queries, improper indexing, or a lack of [WAL mode](./docs/performance.md)—not `better-sqlite3` itself. However, there are some cases where `better-sqlite3` could be inappropriate:
|
|
72
|
-
|
|
73
|
-
- If you expect a high volume of concurrent reads each returning many megabytes of data (i.e., videos)
|
|
74
|
-
- If you expect a high volume of concurrent writes (i.e., a social media site)
|
|
75
|
-
- If your database's size is near the terabyte range
|
|
76
|
-
|
|
77
|
-
For these situations, you should probably use a full-fledged RDBMS such as [PostgreSQL](https://www.postgresql.org/).
|
|
78
|
-
|
|
79
|
-
## Upgrading
|
|
80
|
-
|
|
81
|
-
Upgrading your `better-sqlite3` dependency can potentially introduce breaking changes, either in the `better-sqlite3` API (if you upgrade to a new [major version](https://semver.org/)), or between your existing database(s) and the underlying version of SQLite. Before upgrading, review:
|
|
82
|
-
|
|
83
|
-
* [`better-sqlite3` release notes](https://github.com/WiseLibs/better-sqlite3/releases)
|
|
84
|
-
* [SQLite release history](https://www.sqlite.org/changes.html)
|
|
85
|
-
|
|
86
|
-
# Documentation
|
|
87
|
-
|
|
88
|
-
- [API documentation](./docs/api.md)
|
|
89
|
-
- [Performance](./docs/performance.md) (also see [benchmark results](./docs/benchmark.md))
|
|
90
|
-
- [64-bit integer support](./docs/integer.md)
|
|
91
|
-
- [Worker thread support](./docs/threads.md)
|
|
92
|
-
- [Unsafe mode (advanced)](./docs/unsafe.md)
|
|
93
|
-
- [SQLite compilation (advanced)](./docs/compilation.md)
|
|
94
|
-
- [Contribution rules](./docs/contribution.md)
|
|
95
|
-
- [Code of conduct](./docs/conduct.md)
|
|
96
|
-
|
|
97
|
-
# License
|
|
98
|
-
|
|
99
|
-
[MIT](./LICENSE)
|
|
@@ -1,22 +0,0 @@
|
|
|
1
|
-
(The MIT License)
|
|
2
|
-
|
|
3
|
-
Copyright (c) 2012 Nathan Rajlich <nathan@tootallnate.net>
|
|
4
|
-
|
|
5
|
-
Permission is hereby granted, free of charge, to any person obtaining
|
|
6
|
-
a copy of this software and associated documentation files (the
|
|
7
|
-
'Software'), to deal in the Software without restriction, including
|
|
8
|
-
without limitation the rights to use, copy, modify, merge, publish,
|
|
9
|
-
distribute, sublicense, and/or sell copies of the Software, and to
|
|
10
|
-
permit persons to whom the Software is furnished to do so, subject to
|
|
11
|
-
the following conditions:
|
|
12
|
-
|
|
13
|
-
The above copyright notice and this permission notice shall be
|
|
14
|
-
included in all copies or substantial portions of the Software.
|
|
15
|
-
|
|
16
|
-
THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND,
|
|
17
|
-
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
|
18
|
-
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
|
|
19
|
-
IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
|
|
20
|
-
CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
|
|
21
|
-
TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
|
|
22
|
-
SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
|
@@ -1,13 +0,0 @@
|
|
|
1
|
-
The MIT License (MIT)
|
|
2
|
-
=====================
|
|
3
|
-
|
|
4
|
-
Copyright (c) 2013-2019 bl contributors
|
|
5
|
-
----------------------------------
|
|
6
|
-
|
|
7
|
-
*bl contributors listed at <https://github.com/rvagg/bl#contributors>*
|
|
8
|
-
|
|
9
|
-
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
|
|
10
|
-
|
|
11
|
-
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
|
|
12
|
-
|
|
13
|
-
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
|
@@ -1,494 +0,0 @@
|
|
|
1
|
-
# body-parser
|
|
2
|
-
|
|
3
|
-
[![NPM Version][npm-version-image]][npm-url]
|
|
4
|
-
[![NPM Downloads][npm-downloads-image]][npm-url]
|
|
5
|
-
[![Build Status][ci-image]][ci-url]
|
|
6
|
-
[![Test Coverage][coveralls-image]][coveralls-url]
|
|
7
|
-
[![OpenSSF Scorecard Badge][ossf-scorecard-badge]][ossf-scorecard-visualizer]
|
|
8
|
-
|
|
9
|
-
Node.js body parsing middleware.
|
|
10
|
-
|
|
11
|
-
Parse incoming request bodies in a middleware before your handlers, available
|
|
12
|
-
under the `req.body` property.
|
|
13
|
-
|
|
14
|
-
**Note** As `req.body`'s shape is based on user-controlled input, all
|
|
15
|
-
properties and values in this object are untrusted and should be validated
|
|
16
|
-
before trusting. For example, `req.body.foo.toString()` may fail in multiple
|
|
17
|
-
ways, for example the `foo` property may not be there or may not be a string,
|
|
18
|
-
and `toString` may not be a function and instead a string or other user input.
|
|
19
|
-
|
|
20
|
-
[Learn about the anatomy of an HTTP transaction in Node.js](https://nodejs.org/en/learn/http/anatomy-of-an-http-transaction).
|
|
21
|
-
|
|
22
|
-
_This does not handle multipart bodies_, due to their complex and typically
|
|
23
|
-
large nature. For multipart bodies, you may be interested in the following
|
|
24
|
-
modules:
|
|
25
|
-
|
|
26
|
-
* [busboy](https://www.npmjs.com/package/busboy#readme) and
|
|
27
|
-
[connect-busboy](https://www.npmjs.com/package/connect-busboy#readme)
|
|
28
|
-
* [multiparty](https://www.npmjs.com/package/multiparty#readme) and
|
|
29
|
-
[connect-multiparty](https://www.npmjs.com/package/connect-multiparty#readme)
|
|
30
|
-
* [formidable](https://www.npmjs.com/package/formidable#readme)
|
|
31
|
-
* [multer](https://www.npmjs.com/package/multer#readme)
|
|
32
|
-
|
|
33
|
-
This module provides the following parsers:
|
|
34
|
-
|
|
35
|
-
* [JSON body parser](#bodyparserjsonoptions)
|
|
36
|
-
* [Raw body parser](#bodyparserrawoptions)
|
|
37
|
-
* [Text body parser](#bodyparsertextoptions)
|
|
38
|
-
* [URL-encoded form body parser](#bodyparserurlencodedoptions)
|
|
39
|
-
|
|
40
|
-
Other body parsers you might be interested in:
|
|
41
|
-
|
|
42
|
-
- [body](https://www.npmjs.com/package/body#readme)
|
|
43
|
-
- [co-body](https://www.npmjs.com/package/co-body#readme)
|
|
44
|
-
|
|
45
|
-
## Installation
|
|
46
|
-
|
|
47
|
-
```sh
|
|
48
|
-
$ npm install body-parser
|
|
49
|
-
```
|
|
50
|
-
|
|
51
|
-
## API
|
|
52
|
-
|
|
53
|
-
```js
|
|
54
|
-
const bodyParser = require('body-parser')
|
|
55
|
-
```
|
|
56
|
-
|
|
57
|
-
The `bodyParser` object exposes various factories to create middlewares. All
|
|
58
|
-
middlewares will populate the `req.body` property with the parsed body when
|
|
59
|
-
the `Content-Type` request header matches the `type` option.
|
|
60
|
-
|
|
61
|
-
The various errors returned by this module are described in the
|
|
62
|
-
[errors section](#errors).
|
|
63
|
-
|
|
64
|
-
### bodyParser.json([options])
|
|
65
|
-
|
|
66
|
-
Returns middleware that only parses `json` and only looks at requests where
|
|
67
|
-
the `Content-Type` header matches the `type` option. This parser accepts any
|
|
68
|
-
Unicode encoding of the body and supports automatic inflation of `gzip`,
|
|
69
|
-
`br` (brotli) and `deflate` encodings.
|
|
70
|
-
|
|
71
|
-
A new `body` object containing the parsed data is populated on the `request`
|
|
72
|
-
object after the middleware (i.e. `req.body`).
|
|
73
|
-
|
|
74
|
-
#### Options
|
|
75
|
-
|
|
76
|
-
The `json` function takes an optional `options` object that may contain any of
|
|
77
|
-
the following keys:
|
|
78
|
-
|
|
79
|
-
##### defaultCharset
|
|
80
|
-
|
|
81
|
-
Specify the default character set for the json content if the charset is not
|
|
82
|
-
specified in the `Content-Type` header of the request. Defaults to `utf-8`.
|
|
83
|
-
|
|
84
|
-
##### inflate
|
|
85
|
-
|
|
86
|
-
When set to `true`, then deflated (compressed) bodies will be inflated; when
|
|
87
|
-
`false`, deflated bodies are rejected. Defaults to `true`.
|
|
88
|
-
|
|
89
|
-
##### limit
|
|
90
|
-
|
|
91
|
-
Controls the maximum request body size. If this is a number, then the value
|
|
92
|
-
specifies the number of bytes; if it is a string, the value is passed to the
|
|
93
|
-
[bytes](https://www.npmjs.com/package/bytes) library for parsing. Defaults
|
|
94
|
-
to `'100kb'`.
|
|
95
|
-
|
|
96
|
-
##### reviver
|
|
97
|
-
|
|
98
|
-
The `reviver` option is passed directly to `JSON.parse` as the second
|
|
99
|
-
argument. You can find more information on this argument
|
|
100
|
-
[in the MDN documentation about JSON.parse](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/JSON/parse#Example.3A_Using_the_reviver_parameter).
|
|
101
|
-
|
|
102
|
-
##### strict
|
|
103
|
-
|
|
104
|
-
When set to `true`, will only accept arrays and objects; when `false` will
|
|
105
|
-
accept anything `JSON.parse` accepts. Defaults to `true`.
|
|
106
|
-
|
|
107
|
-
##### type
|
|
108
|
-
|
|
109
|
-
The `type` option is used to determine what media type the middleware will
|
|
110
|
-
parse. This option can be a string, array of strings, or a function. If not a
|
|
111
|
-
function, `type` option is passed directly to the
|
|
112
|
-
[type-is](https://www.npmjs.com/package/type-is#readme) library and this can
|
|
113
|
-
be an extension name (like `json`), a mime type (like `application/json`), or
|
|
114
|
-
a mime type with a wildcard (like `*/*` or `*/json`). If a function, the `type`
|
|
115
|
-
option is called as `fn(req)` and the request is parsed if it returns a truthy
|
|
116
|
-
value. Defaults to `application/json`.
|
|
117
|
-
|
|
118
|
-
##### verify
|
|
119
|
-
|
|
120
|
-
The `verify` option, if supplied, is called as `verify(req, res, buf, encoding)`,
|
|
121
|
-
where `buf` is a `Buffer` of the raw request body and `encoding` is the
|
|
122
|
-
encoding of the request. The parsing can be aborted by throwing an error.
|
|
123
|
-
|
|
124
|
-
### bodyParser.raw([options])
|
|
125
|
-
|
|
126
|
-
Returns middleware that parses all bodies as a `Buffer` and only looks at
|
|
127
|
-
requests where the `Content-Type` header matches the `type` option. This
|
|
128
|
-
parser supports automatic inflation of `gzip`, `br` (brotli) and `deflate`
|
|
129
|
-
encodings.
|
|
130
|
-
|
|
131
|
-
A new `body` object containing the parsed data is populated on the `request`
|
|
132
|
-
object after the middleware (i.e. `req.body`). This will be a `Buffer` object
|
|
133
|
-
of the body.
|
|
134
|
-
|
|
135
|
-
#### Options
|
|
136
|
-
|
|
137
|
-
The `raw` function takes an optional `options` object that may contain any of
|
|
138
|
-
the following keys:
|
|
139
|
-
|
|
140
|
-
##### inflate
|
|
141
|
-
|
|
142
|
-
When set to `true`, then deflated (compressed) bodies will be inflated; when
|
|
143
|
-
`false`, deflated bodies are rejected. Defaults to `true`.
|
|
144
|
-
|
|
145
|
-
##### limit
|
|
146
|
-
|
|
147
|
-
Controls the maximum request body size. If this is a number, then the value
|
|
148
|
-
specifies the number of bytes; if it is a string, the value is passed to the
|
|
149
|
-
[bytes](https://www.npmjs.com/package/bytes) library for parsing. Defaults
|
|
150
|
-
to `'100kb'`.
|
|
151
|
-
|
|
152
|
-
##### type
|
|
153
|
-
|
|
154
|
-
The `type` option is used to determine what media type the middleware will
|
|
155
|
-
parse. This option can be a string, array of strings, or a function.
|
|
156
|
-
If not a function, `type` option is passed directly to the
|
|
157
|
-
[type-is](https://www.npmjs.com/package/type-is#readme) library and this
|
|
158
|
-
can be an extension name (like `bin`), a mime type (like
|
|
159
|
-
`application/octet-stream`), or a mime type with a wildcard (like `*/*` or
|
|
160
|
-
`application/*`). If a function, the `type` option is called as `fn(req)`
|
|
161
|
-
and the request is parsed if it returns a truthy value. Defaults to
|
|
162
|
-
`application/octet-stream`.
|
|
163
|
-
|
|
164
|
-
##### verify
|
|
165
|
-
|
|
166
|
-
The `verify` option, if supplied, is called as `verify(req, res, buf, encoding)`,
|
|
167
|
-
where `buf` is a `Buffer` of the raw request body and `encoding` is the
|
|
168
|
-
encoding of the request. The parsing can be aborted by throwing an error.
|
|
169
|
-
|
|
170
|
-
### bodyParser.text([options])
|
|
171
|
-
|
|
172
|
-
Returns middleware that parses all bodies as a string and only looks at
|
|
173
|
-
requests where the `Content-Type` header matches the `type` option. This
|
|
174
|
-
parser supports automatic inflation of `gzip`, `br` (brotli) and `deflate`
|
|
175
|
-
encodings.
|
|
176
|
-
|
|
177
|
-
A new `body` string containing the parsed data is populated on the `request`
|
|
178
|
-
object after the middleware (i.e. `req.body`). This will be a string of the
|
|
179
|
-
body.
|
|
180
|
-
|
|
181
|
-
#### Options
|
|
182
|
-
|
|
183
|
-
The `text` function takes an optional `options` object that may contain any of
|
|
184
|
-
the following keys:
|
|
185
|
-
|
|
186
|
-
##### defaultCharset
|
|
187
|
-
|
|
188
|
-
Specify the default character set for the text content if the charset is not
|
|
189
|
-
specified in the `Content-Type` header of the request. Defaults to `utf-8`.
|
|
190
|
-
|
|
191
|
-
##### inflate
|
|
192
|
-
|
|
193
|
-
When set to `true`, then deflated (compressed) bodies will be inflated; when
|
|
194
|
-
`false`, deflated bodies are rejected. Defaults to `true`.
|
|
195
|
-
|
|
196
|
-
##### limit
|
|
197
|
-
|
|
198
|
-
Controls the maximum request body size. If this is a number, then the value
|
|
199
|
-
specifies the number of bytes; if it is a string, the value is passed to the
|
|
200
|
-
[bytes](https://www.npmjs.com/package/bytes) library for parsing. Defaults
|
|
201
|
-
to `'100kb'`.
|
|
202
|
-
|
|
203
|
-
##### type
|
|
204
|
-
|
|
205
|
-
The `type` option is used to determine what media type the middleware will
|
|
206
|
-
parse. This option can be a string, array of strings, or a function. If not
|
|
207
|
-
a function, `type` option is passed directly to the
|
|
208
|
-
[type-is](https://www.npmjs.com/package/type-is#readme) library and this can
|
|
209
|
-
be an extension name (like `txt`), a mime type (like `text/plain`), or a mime
|
|
210
|
-
type with a wildcard (like `*/*` or `text/*`). If a function, the `type`
|
|
211
|
-
option is called as `fn(req)` and the request is parsed if it returns a
|
|
212
|
-
truthy value. Defaults to `text/plain`.
|
|
213
|
-
|
|
214
|
-
##### verify
|
|
215
|
-
|
|
216
|
-
The `verify` option, if supplied, is called as `verify(req, res, buf, encoding)`,
|
|
217
|
-
where `buf` is a `Buffer` of the raw request body and `encoding` is the
|
|
218
|
-
encoding of the request. The parsing can be aborted by throwing an error.
|
|
219
|
-
|
|
220
|
-
### bodyParser.urlencoded([options])
|
|
221
|
-
|
|
222
|
-
Returns middleware that only parses `urlencoded` bodies and only looks at
|
|
223
|
-
requests where the `Content-Type` header matches the `type` option. This
|
|
224
|
-
parser accepts only UTF-8 and ISO-8859-1 encodings of the body and supports
|
|
225
|
-
automatic inflation of `gzip`, `br` (brotli) and `deflate` encodings.
|
|
226
|
-
|
|
227
|
-
A new `body` object containing the parsed data is populated on the `request`
|
|
228
|
-
object after the middleware (i.e. `req.body`). This object will contain
|
|
229
|
-
key-value pairs, where the value can be a string or array (when `extended` is
|
|
230
|
-
`false`), or any type (when `extended` is `true`).
|
|
231
|
-
|
|
232
|
-
#### Options
|
|
233
|
-
|
|
234
|
-
The `urlencoded` function takes an optional `options` object that may contain
|
|
235
|
-
any of the following keys:
|
|
236
|
-
|
|
237
|
-
##### extended
|
|
238
|
-
|
|
239
|
-
The "extended" syntax allows for rich objects and arrays to be encoded into the
|
|
240
|
-
URL-encoded format, allowing for a JSON-like experience with URL-encoded. For
|
|
241
|
-
more information, please [see the qs
|
|
242
|
-
library](https://www.npmjs.com/package/qs#readme).
|
|
243
|
-
|
|
244
|
-
Defaults to `false`.
|
|
245
|
-
|
|
246
|
-
##### inflate
|
|
247
|
-
|
|
248
|
-
When set to `true`, then deflated (compressed) bodies will be inflated; when
|
|
249
|
-
`false`, deflated bodies are rejected. Defaults to `true`.
|
|
250
|
-
|
|
251
|
-
##### limit
|
|
252
|
-
|
|
253
|
-
Controls the maximum request body size. If this is a number, then the value
|
|
254
|
-
specifies the number of bytes; if it is a string, the value is passed to the
|
|
255
|
-
[bytes](https://www.npmjs.com/package/bytes) library for parsing. Defaults
|
|
256
|
-
to `'100kb'`.
|
|
257
|
-
|
|
258
|
-
##### parameterLimit
|
|
259
|
-
|
|
260
|
-
The `parameterLimit` option controls the maximum number of parameters that
|
|
261
|
-
are allowed in the URL-encoded data. If a request contains more parameters
|
|
262
|
-
than this value, a 413 will be returned to the client. Defaults to `1000`.
|
|
263
|
-
|
|
264
|
-
##### type
|
|
265
|
-
|
|
266
|
-
The `type` option is used to determine what media type the middleware will
|
|
267
|
-
parse. This option can be a string, array of strings, or a function. If not
|
|
268
|
-
a function, `type` option is passed directly to the
|
|
269
|
-
[type-is](https://www.npmjs.com/package/type-is#readme) library and this can
|
|
270
|
-
be an extension name (like `urlencoded`), a mime type (like
|
|
271
|
-
`application/x-www-form-urlencoded`), or a mime type with a wildcard (like
|
|
272
|
-
`*/x-www-form-urlencoded`). If a function, the `type` option is called as
|
|
273
|
-
`fn(req)` and the request is parsed if it returns a truthy value. Defaults
|
|
274
|
-
to `application/x-www-form-urlencoded`.
|
|
275
|
-
|
|
276
|
-
##### verify
|
|
277
|
-
|
|
278
|
-
The `verify` option, if supplied, is called as `verify(req, res, buf, encoding)`,
|
|
279
|
-
where `buf` is a `Buffer` of the raw request body and `encoding` is the
|
|
280
|
-
encoding of the request. The parsing can be aborted by throwing an error.
|
|
281
|
-
|
|
282
|
-
##### defaultCharset
|
|
283
|
-
|
|
284
|
-
The default charset to parse as, if not specified in content-type. Must be
|
|
285
|
-
either `utf-8` or `iso-8859-1`. Defaults to `utf-8`.
|
|
286
|
-
|
|
287
|
-
##### charsetSentinel
|
|
288
|
-
|
|
289
|
-
Whether to let the value of the `utf8` parameter take precedence as the charset
|
|
290
|
-
selector. It requires the form to contain a parameter named `utf8` with a value
|
|
291
|
-
of `✓`. Defaults to `false`.
|
|
292
|
-
|
|
293
|
-
##### interpretNumericEntities
|
|
294
|
-
|
|
295
|
-
Whether to decode numeric entities such as `☺` when parsing an iso-8859-1
|
|
296
|
-
form. Defaults to `false`.
|
|
297
|
-
|
|
298
|
-
|
|
299
|
-
##### depth
|
|
300
|
-
|
|
301
|
-
The `depth` option is used to configure the maximum depth of the `qs` library when `extended` is `true`. This allows you to limit the amount of keys that are parsed and can be useful to prevent certain types of abuse. Defaults to `32`. It is recommended to keep this value as low as possible.
|
|
302
|
-
|
|
303
|
-
## Errors
|
|
304
|
-
|
|
305
|
-
The middlewares provided by this module create errors using the
|
|
306
|
-
[`http-errors` module](https://www.npmjs.com/package/http-errors). The errors
|
|
307
|
-
will typically have a `status`/`statusCode` property that contains the suggested
|
|
308
|
-
HTTP response code, an `expose` property to determine if the `message` property
|
|
309
|
-
should be displayed to the client, a `type` property to determine the type of
|
|
310
|
-
error without matching against the `message`, and a `body` property containing
|
|
311
|
-
the read body, if available.
|
|
312
|
-
|
|
313
|
-
The following are the common errors created, though any error can come through
|
|
314
|
-
for various reasons.
|
|
315
|
-
|
|
316
|
-
### content encoding unsupported
|
|
317
|
-
|
|
318
|
-
This error will occur when the request had a `Content-Encoding` header that
|
|
319
|
-
contained an encoding but the "inflation" option was set to `false`. The
|
|
320
|
-
`status` property is set to `415`, the `type` property is set to
|
|
321
|
-
`'encoding.unsupported'`, and the `charset` property will be set to the
|
|
322
|
-
encoding that is unsupported.
|
|
323
|
-
|
|
324
|
-
### entity parse failed
|
|
325
|
-
|
|
326
|
-
This error will occur when the request contained an entity that could not be
|
|
327
|
-
parsed by the middleware. The `status` property is set to `400`, the `type`
|
|
328
|
-
property is set to `'entity.parse.failed'`, and the `body` property is set to
|
|
329
|
-
the entity value that failed parsing.
|
|
330
|
-
|
|
331
|
-
### entity verify failed
|
|
332
|
-
|
|
333
|
-
This error will occur when the request contained an entity that could not be
|
|
334
|
-
failed verification by the defined `verify` option. The `status` property is
|
|
335
|
-
set to `403`, the `type` property is set to `'entity.verify.failed'`, and the
|
|
336
|
-
`body` property is set to the entity value that failed verification.
|
|
337
|
-
|
|
338
|
-
### request aborted
|
|
339
|
-
|
|
340
|
-
This error will occur when the request is aborted by the client before reading
|
|
341
|
-
the body has finished. The `received` property will be set to the number of
|
|
342
|
-
bytes received before the request was aborted and the `expected` property is
|
|
343
|
-
set to the number of expected bytes. The `status` property is set to `400`
|
|
344
|
-
and `type` property is set to `'request.aborted'`.
|
|
345
|
-
|
|
346
|
-
### request entity too large
|
|
347
|
-
|
|
348
|
-
This error will occur when the request body's size is larger than the "limit"
|
|
349
|
-
option. The `limit` property will be set to the byte limit and the `length`
|
|
350
|
-
property will be set to the request body's length. The `status` property is
|
|
351
|
-
set to `413` and the `type` property is set to `'entity.too.large'`.
|
|
352
|
-
|
|
353
|
-
### request size did not match content length
|
|
354
|
-
|
|
355
|
-
This error will occur when the request's length did not match the length from
|
|
356
|
-
the `Content-Length` header. This typically occurs when the request is malformed,
|
|
357
|
-
typically when the `Content-Length` header was calculated based on characters
|
|
358
|
-
instead of bytes. The `status` property is set to `400` and the `type` property
|
|
359
|
-
is set to `'request.size.invalid'`.
|
|
360
|
-
|
|
361
|
-
### stream encoding should not be set
|
|
362
|
-
|
|
363
|
-
This error will occur when something called the `req.setEncoding` method prior
|
|
364
|
-
to this middleware. This module operates directly on bytes only and you cannot
|
|
365
|
-
call `req.setEncoding` when using this module. The `status` property is set to
|
|
366
|
-
`500` and the `type` property is set to `'stream.encoding.set'`.
|
|
367
|
-
|
|
368
|
-
### stream is not readable
|
|
369
|
-
|
|
370
|
-
This error will occur when the request is no longer readable when this middleware
|
|
371
|
-
attempts to read it. This typically means something other than a middleware from
|
|
372
|
-
this module read the request body already and the middleware was also configured to
|
|
373
|
-
read the same request. The `status` property is set to `500` and the `type`
|
|
374
|
-
property is set to `'stream.not.readable'`.
|
|
375
|
-
|
|
376
|
-
### too many parameters
|
|
377
|
-
|
|
378
|
-
This error will occur when the content of the request exceeds the configured
|
|
379
|
-
`parameterLimit` for the `urlencoded` parser. The `status` property is set to
|
|
380
|
-
`413` and the `type` property is set to `'parameters.too.many'`.
|
|
381
|
-
|
|
382
|
-
### unsupported charset "BOGUS"
|
|
383
|
-
|
|
384
|
-
This error will occur when the request had a charset parameter in the
|
|
385
|
-
`Content-Type` header, but the `iconv-lite` module does not support it OR the
|
|
386
|
-
parser does not support it. The charset is contained in the message as well
|
|
387
|
-
as in the `charset` property. The `status` property is set to `415`, the
|
|
388
|
-
`type` property is set to `'charset.unsupported'`, and the `charset` property
|
|
389
|
-
is set to the charset that is unsupported.
|
|
390
|
-
|
|
391
|
-
### unsupported content encoding "bogus"
|
|
392
|
-
|
|
393
|
-
This error will occur when the request had a `Content-Encoding` header that
|
|
394
|
-
contained an unsupported encoding. The encoding is contained in the message
|
|
395
|
-
as well as in the `encoding` property. The `status` property is set to `415`,
|
|
396
|
-
the `type` property is set to `'encoding.unsupported'`, and the `encoding`
|
|
397
|
-
property is set to the encoding that is unsupported.
|
|
398
|
-
|
|
399
|
-
### The input exceeded the depth
|
|
400
|
-
|
|
401
|
-
This error occurs when using `bodyParser.urlencoded` with the `extended` property set to `true` and the input exceeds the configured `depth` option. The `status` property is set to `400`. It is recommended to review the `depth` option and evaluate if it requires a higher value. When the `depth` option is set to `32` (default value), the error will not be thrown.
|
|
402
|
-
|
|
403
|
-
## Examples
|
|
404
|
-
|
|
405
|
-
### Express/Connect top-level generic
|
|
406
|
-
|
|
407
|
-
This example demonstrates adding a generic JSON and URL-encoded parser as a
|
|
408
|
-
top-level middleware, which will parse the bodies of all incoming requests.
|
|
409
|
-
This is the simplest setup.
|
|
410
|
-
|
|
411
|
-
```js
|
|
412
|
-
const express = require('express')
|
|
413
|
-
const bodyParser = require('body-parser')
|
|
414
|
-
|
|
415
|
-
const app = express()
|
|
416
|
-
|
|
417
|
-
// parse application/x-www-form-urlencoded
|
|
418
|
-
app.use(bodyParser.urlencoded())
|
|
419
|
-
|
|
420
|
-
// parse application/json
|
|
421
|
-
app.use(bodyParser.json())
|
|
422
|
-
|
|
423
|
-
app.use(function (req, res) {
|
|
424
|
-
res.setHeader('Content-Type', 'text/plain')
|
|
425
|
-
res.write('you posted:\n')
|
|
426
|
-
res.end(String(JSON.stringify(req.body, null, 2)))
|
|
427
|
-
})
|
|
428
|
-
```
|
|
429
|
-
|
|
430
|
-
### Express route-specific
|
|
431
|
-
|
|
432
|
-
This example demonstrates adding body parsers specifically to the routes that
|
|
433
|
-
need them. In general, this is the most recommended way to use body-parser with
|
|
434
|
-
Express.
|
|
435
|
-
|
|
436
|
-
```js
|
|
437
|
-
const express = require('express')
|
|
438
|
-
const bodyParser = require('body-parser')
|
|
439
|
-
|
|
440
|
-
const app = express()
|
|
441
|
-
|
|
442
|
-
// create application/json parser
|
|
443
|
-
const jsonParser = bodyParser.json()
|
|
444
|
-
|
|
445
|
-
// create application/x-www-form-urlencoded parser
|
|
446
|
-
const urlencodedParser = bodyParser.urlencoded()
|
|
447
|
-
|
|
448
|
-
// POST /login gets urlencoded bodies
|
|
449
|
-
app.post('/login', urlencodedParser, function (req, res) {
|
|
450
|
-
if (!req.body || !req.body.username) res.sendStatus(400)
|
|
451
|
-
res.send('welcome, ' + req.body.username)
|
|
452
|
-
})
|
|
453
|
-
|
|
454
|
-
// POST /api/users gets JSON bodies
|
|
455
|
-
app.post('/api/users', jsonParser, function (req, res) {
|
|
456
|
-
if (!req.body) res.sendStatus(400)
|
|
457
|
-
// create user in req.body
|
|
458
|
-
})
|
|
459
|
-
```
|
|
460
|
-
|
|
461
|
-
### Change accepted type for parsers
|
|
462
|
-
|
|
463
|
-
All the parsers accept a `type` option which allows you to change the
|
|
464
|
-
`Content-Type` that the middleware will parse.
|
|
465
|
-
|
|
466
|
-
```js
|
|
467
|
-
const express = require('express')
|
|
468
|
-
const bodyParser = require('body-parser')
|
|
469
|
-
|
|
470
|
-
const app = express()
|
|
471
|
-
|
|
472
|
-
// parse various different custom JSON types as JSON
|
|
473
|
-
app.use(bodyParser.json({ type: 'application/*+json' }))
|
|
474
|
-
|
|
475
|
-
// parse some custom thing into a Buffer
|
|
476
|
-
app.use(bodyParser.raw({ type: 'application/vnd.custom-type' }))
|
|
477
|
-
|
|
478
|
-
// parse an HTML body into a string
|
|
479
|
-
app.use(bodyParser.text({ type: 'text/html' }))
|
|
480
|
-
```
|
|
481
|
-
|
|
482
|
-
## License
|
|
483
|
-
|
|
484
|
-
[MIT](LICENSE)
|
|
485
|
-
|
|
486
|
-
[ci-image]: https://img.shields.io/github/actions/workflow/status/expressjs/body-parser/ci.yml?branch=master&label=ci
|
|
487
|
-
[ci-url]: https://github.com/expressjs/body-parser/actions/workflows/ci.yml
|
|
488
|
-
[coveralls-image]: https://img.shields.io/coverallsCoverage/github/expressjs/body-parser?branch=master
|
|
489
|
-
[coveralls-url]: https://coveralls.io/r/expressjs/body-parser?branch=master
|
|
490
|
-
[npm-downloads-image]: https://img.shields.io/npm/dm/body-parser
|
|
491
|
-
[npm-url]: https://npmjs.com/package/body-parser
|
|
492
|
-
[npm-version-image]: https://img.shields.io/npm/v/body-parser
|
|
493
|
-
[ossf-scorecard-badge]: https://api.scorecard.dev/projects/github.com/expressjs/body-parser/badge
|
|
494
|
-
[ossf-scorecard-visualizer]: https://ossf.github.io/scorecard-visualizer/#/projects/github.com/expressjs/body-parser
|