🔬 Writing reliable & fault-tolerant microservices in Node.js

Related tags

Web Frameworks nodejs distributed-systems microservice pubsub nats rpc micro cloud-native
Overview

Hemera

License MIT Build Status Build Status Coverage Status Gitter JavaScript Style Guide Known Vulnerabilities lerna

A Node.js microservices toolkit for the NATS messaging system
Run on repl.it

📓 Getting Started

Hemera (/ˈhɛmərə/; Ancient Greek: Ἡμέρα [hɛːméra] "day") is a small wrapper around the official NATS driver. NATS is a simple, fast and reliable solution for the internal communication of a distributed system. It chooses simplicity and reliability over guaranteed delivery. We want to provide a toolkit to develop micro services in an easy and powerful way. We provide a pattern matching RPC style. You don't have to worry about the transport. NATS is powerful.

With Hemera you have the best of both worlds. Efficient pattern matching to have the most flexibility in defining your RPC's. It doesn't matter where your server or client lives. You can start as many services you want on different hosts to ensure maximal availability. The only dependency you have is a single binary of ~10MB. Mind your own business NATS will do the rest for you:

The key features of NATS in combination with Hemera are:

  • Lightweight: The Hemera core is small as possible and provide an extensive plugin system.
  • Location transparency: A service may be instantiated in different locations at different times. An application interacting with an service and does not know the service physical location.
  • Service Discovery: You don't need a service discovery all subscriptions are managed by NATS.
  • Load Balancing: Requests are load balanced (random) by NATS mechanism of "queue groups".
  • Packages: We provide reliable and modern plugins to the community.
  • High performant: NATS is able to handle million of requests per second.
  • Scalability: Filtering on the subject name enables services to divide work (perhaps with locality).
  • Fault tolerance: Auto-heals when new services are added. Configure cluster mode to be more reliable.
  • Auto-pruning: NATS automatically handles a slow consumer and cut it off.
  • Pattern driven: Define RPC's in JSON and use the flexibility of pattern-matching.
  • Request & Reply: By default point-to-point involves the fastest or first to respond.
  • Publish & Subscribe: Hemera supports all features of NATS. This includes wildcards in subjects and normal publish and fanout mechanism.
  • Tracing: Builtin tracing capabilities but we also provide plugin for Jaeger.
  • Monitoring: NATS server can be monitored by cli or a dashboard.
  • Payload validation: Create your own validator or use existing plugins e.g hemera-joi or hemera-ajv.
  • Serialization: Use custom serializer e.g hemera-mgspack.
  • Metadata: Transfer metadata across services or attach contextual data to tracing systems.
  • Dependencies: NATS is a single binary of ~10MB and can be deployed in seconds.
  • Typescript: We provide typings.

Built in protection

  • Process policy: Will exit the process when the policy (memory, event loop) could not be fullfilled (Option: heavy).
  • Message loop detection: Will return an error if you call a route recursively (Option: maxRecursion).
  • Safe default JSON serializer: Provides a deterministic version and will also gracefully handle circular structures.

Who's using Hemera?

appcom-interactive amerbank savicontrols mercado unico
appcom interactive amerbank savicontrols mercado unico

Get Involved

  • Contributing: Pull requests are welcome!
    • Read CONTRIBUTING.md and check out our help-wanted issues
    • Submit github issues for any feature enhancements, bugs or documentation problems
  • Support: Join our gitter chat to ask questions to get support from the maintainers and other Hemera developers
  • Discuss: Tweet using the #HemeraJs hashtag

Contributing

Please read CONTRIBUTING.md for details on our code of conduct, and the process for submitting pull requests to us.

Supported Node Versions

Support policy for Nodejs versions follows Nodejs release support. We will support and build hemera on even Nodejs versions that are current or in maintenance.

Professional services

Hemera is free for any use (MIT license). If you are in production don't miss the professional support service. For courses and training send me an email to [email protected] or contact me private on Gitter

Sponsorship

Development of the hemera core module generously supported by contributions from individuals and corporations. If you are benefiting from hemera and would like to help keep the project financially sustainable, please visit Dustin Deus Patreon page, his Paypal Me or contact him via email.

Comments
  • Add middlewares [Investigation]

    Add middlewares [Investigation]

    Hii, is there any way to use cache for certains hemera services.

    I'm looking for something that I've used in Express, a middleware function that caches end points.

    Thanks!

    opened by vitorcamachoo 22
  • async/await callback function

    async/await callback function

    Description

    Need support for async/await callback function. It used to work in earlier version 1.5.6 and was failing in later versions.

    I have written the test case for it and submitted PR #165 and right now it seems to be failing.

    Feedback required 
    opened by veeramarni 19
  • Export Joi validation to documentation?

    Export Joi validation to documentation?

    Is there a way to generate JSDoc from the Joi definitions? There's plugins for that for fastify/koa/hapi to generate Swagger. Would be very interesting to have that.

    How would one approach this issue?

    Plugin suggestion 
    opened by PatrickHeneise 13
  • when nats down hemera fails with this.write error

    when nats down hemera fails with this.write error

    Description

    When you use plugin and start the server with NATS down then you will see following error.

    Expected Result

    Actual Result

    /usr/src/app/node_modules/pino/lib/tools.js:102 this.write(m, o, z) ^

    TypeError: this.write is not a function at Client.LOG (/usr/src/app/node_modules/pino/lib/tools.js:102:10) at emitOne (events.js:115:13) at Client.emit (events.js:210:7) at Socket. (/usr/src/app/node_modules/nats/lib/nats.js:454:14) at emitOne (events.js:115:13) at Socket.emit (events.js:210:7) at emitErrorNT (internal/streams/destroy.js:64:8) at _combinedTickCallback (internal/process/next_tick.js:138:11) at process._tickCallback (internal/process/next_tick.js:180:9)

    Context

    • [x] nats-hemera (core)

    Your Environment

    • NATS: X.X.X
    • Hemera: latest
    • NodeJs: 8.4.0
    • Environment name and version: MacOS and docker
    • Operating System and version:
    opened by veeramarni 12
  • Sometimes it works sometimes it doesn't

    Sometimes it works sometimes it doesn't

    I am using mongodb atlas db to store data. When I use find query sometimes it pulls data sometimes it doesn't with the same query...

    Here is code snippet:

    public showUserByMail(msg: any, done: any): void {
        let __this: any = this;
        let hemera: T = __this;
        
        hemera.act({
            topic: 'mongo-store',
            cmd: 'find',
            collection: 'users',
            query: { email: msg.email }
        }, (err: Error, resp: any) => {
            if (err) {
                done(err);
            }
            console.log(resp)
            if(resp.result.length === 0) {
                done(null, false);
            } else {
                done(null, resp.result[0]);
            }
        })
    }
    Discussion 
    opened by vforv 12
  • Proper way to test services

    Proper way to test services

    I'm missing the proper way to test the services (the aither repo doesn't have any besides the load test), and couldn't find a definitive answer. In express, I used superagent, which made the REST testing somewhat easy, and doesn't need to listen on a port

    opened by pocesar 12
  • Update Hapi Dependencies

    Update Hapi Dependencies

    Hi @StarpTech,

    The following hapi packages have been deprecated and have been migrated under the hapi organization. I thought it would be great to migrate them (so they continue to be supported) and update the dependencies.

    | Old Version | New Version | Notes | | :-: | :-: | :- | | code v^4.1.0 | @hapi/code v^6.0.0 | | | hoek v4.2.x | @hapi/hoek v8.3.x | | | heavy v4.0.x | @hapi/heavy v6.2.x | Updated respective config schema, API, and tests | | joi v^12.0.0 | @hapi/joi v^15.1.1 | I decided not to upgrade to v16 because v16 has breaking changes that require a lot of effort and complexity to upgrade: https://github.com/hapijs/joi/issues/2037 |

    I also bumped the versions of each of the following packages that were affected by a minor version (following semver). Please advise if you'd like things to be different.

    • nats-hemera v7.1.0
    • hemera-joi v6.1.0
    • hemera-jwt-auth v6.1.0
    • hemera-mail v5.1.0
    • hemera-slackbot v5.1.0
    • hemera-store v2.1.0
    opened by jackieluc 11
  • jaeger: opentracing not being set in client error handlers

    jaeger: opentracing not being set in client error handlers

    It looks like the caller doesn't have the opentracing object set on this in the error event handlers

    Description

    [2017-10-24T13:14:43.335Z] FATAL (hemera-xavier-4d2a6987498e4aada870449d20fbe8a1/1353 on xavier): Fatal error
    FatalError: Fatal error
        at Hemera._sendRequestHandler (/home/esatterwhite/dev/js/node-allstar/allstar-auth/node_modules/nats-hemera/lib/index.js:1052:29)
        at self._sid.self._transport.sendRequest.resp (/home/esatterwhite/dev/js/node-allstar/allstar-auth/node_modules/nats-hemera/lib/index.js:1252:22)
        at Object.callback (/home/esatterwhite/dev/js/node-allstar/allstar-auth/node_modules/nats/lib/nats.js:1274:5)
        at Client.processMsg (/home/esatterwhite/dev/js/node-allstar/allstar-auth/node_modules/nats/lib/nats.js:1003:11)
        at Client.processInbound (/home/esatterwhite/dev/js/node-allstar/allstar-auth/node_modules/nats/lib/nats.js:931:14)
        at Socket.<anonymous> (/home/esatterwhite/dev/js/node-allstar/allstar-auth/node_modules/nats/lib/nats.js:470:12)
        at emitOne (events.js:115:13)
        at Socket.emit (events.js:210:7)
        at addChunk (_stream_readable.js:264:12)
        at readableAddChunk (_stream_readable.js:251:11)
    Cause: TypeError: Cannot read property 'finish' of undefined
        at Hemera.<anonymous> (/home/esatterwhite/dev/js/node-allstar/allstar-auth/node_modules/hemera-jaeger/index.js:139:21)
        at emitOne (events.js:115:13)
        at Hemera.emit (events.js:210:7)
        at onClientPostRequest (/home/esatterwhite/dev/js/node-allstar/allstar-auth/node_modules/nats-hemera/lib/extensions.js:126:11)
        at Hemera.(anonymous function).push (/home/esatterwhite/dev/js/node-allstar/allstar-auth/node_modules/nats-hemera/lib/extension.js:55:15)
        at makeCall (/home/esatterwhite/dev/js/node-allstar/allstar-auth/node_modules/fastseries/series.js:113:10)
        at ResultsHolder.release (/home/esatterwhite/dev/js/node-allstar/allstar-auth/node_modules/fastseries/series.js:96:9)
        at Hemera.series [as _series] (/home/esatterwhite/dev/js/node-allstar/allstar-auth/node_modules/fastseries/series.js:39:14)
        at Hemera._sendRequestHandler (/home/esatterwhite/dev/js/node-allstar/allstar-auth/node_modules/nats-hemera/lib/index.js:1047:12)
        at self._sid.self._transport.sendRequest.resp (/home/esatterwhite/dev/js/node-allstar/allstar-auth/node_modules/nats-hemera/lib/index.js:1252:22)

    Steps to Reproduce

    Example:

    1. Start NATS
    2. Use plugin hemera-jeager
    3. Send message
    4. client handler (async function) throws error

    the handler looks like this

    hemera.add({
  topic: 'user'
, cmd: 'create'
, version: 'v1'
, auth$: {
    permissions: 'auth:user:create'
  }
}, async function getUser(req) {
  const opts = req
  await _validateRoles(opts.roles) // <---- This function MAY throw
  opts.roles = opts.roles || []
  if (opts.password != null) {
    this.log.debug('generating initial password for user', opts.email)
    const salt = await bcrypt.salt()
    opts.password = await bcrypt.encode(opts.password, salt)
  }
  opts.superuser = undefined
  opts.permissions = undefined
  const u = await new User(opts).save()
  const permissions = await u.getAllPermissions()
  this.log.info('new user created', u.email)

  return Object.assign({}, u, {
    password: undefined
  , permissions: permissions
  })
})

    with out the jaeger pluging, it works just fine, the error is propagated back the caller. This also works fine with the jaeger plugin and there is no error.

    Expected Result

    error is logged and sent to jaeger

    Actual Result

    error is throw and process crashes

    Context

    • [x] nats-hemera (core)
    • [ ] hemera-zipkin
    • [ ] hemera-store
    • [x] hemera-stats
    • [ ] hemera-rabbitmq
    • [ ] hemera-nsq
    • [ ] hemera-arango-store
    • [ ] hemera-sql-store
    • [ ] hemera-elasticsearch
    • [ ] hemera-couchbase-store
    • [ ] hemera-mongo-store
    • [ ] hemera-joi
    • [ ] hemera-parambulator
    • [ ] hemera-msgpack
    • [ ] hemera-avro
    • [ ] hemera-redis-cache
    • [ ] hemera-jwt-auth

    Your Environment

    • NATS: 0.7.20
    • Hemera:2.2.0
    • NodeJs: 8.7.0
    • Environment name and version: ??
    • Operating System and version: Majaro (Arch) linux v17
    opened by esatterwhite 11
  • MongoDB Store Extended JSON Support

    MongoDB Store Extended JSON Support

    Because the underlying NATs transport is simply passing JSON stringified messages between actions, certain native (or extended) MongoDB types will be lost.

    In order to "fix" this issue, the mongo-store now supports the use of MongoDB Extended JSON

    Under the hood, this utilizes the mongodb-extended-json package and its serialization capabilities, though does not require the user to need it in their application code, unless they choose to.

    User input via req.query and/or req.data are now deserialized using EJSON.deserialize. This ensures that native/extended types can both be queried and saved.

    Finally, responses from the store (from find etc.) are left "as-is" unless the user sets the plugin option serializeResult: true. If this option is set, responses will be serialized using EJSON.serialize. See the updated README for more specific examples.

    Note: these commands complete successfully cd packages/hemera-mongo-store npm run lint npm run test

    opened by zarathustra323 10
  • Act callback called twice on TimeoutError

    Act callback called twice on TimeoutError

    If a timeout error occurs when a service is taking a longer time to respond the act callback is called twice. Once when the timeout error occurs and the second time when the service has finished the request: Example:

    hemera.add({ topic : 'test', cmd : 'timeout' }, (msg, reply) => {
    setTimeout(() => { reply(null, { ok : true }) }, 3000);
});

hemera.ready(() => {
	
    hemera.act({ topic : 'test', cmd : 'timeout', timeout$ : 1000 }, (err, res) => {
        console.log('done');
        console.log(err || res);
    });

});

    Output:

    done
{ TimeoutError
    at /home/andrija/Documents/hemera-test/node_modules/nats-hemera/build/index.js:949:21
    at Timeout._onTimeout (/home/andrija/Documents/hemera-test/node_modules/nats/lib/nats.js:1165:41)
    at ontimeout (timers.js:365:14)
    at tryOnTimeout (timers.js:237:5)
    at Timer.listOnTimeout (timers.js:207:5)
  message: 'Timeout',
  pattern: { topic: 'test', cmd: 'timeout', 'timeout$': 1000 } }
done
{ ok: true }
    opened by acehko 10
  • Unsubscribe by RegExp

    Unsubscribe by RegExp

    https://github.com/hemerajs/hemera/blob/d13b52980cbf947aaa88696f9dc9afeb4e2db6b3/packages/hemera/lib/index.js#L1027 There wrote "if topic is string then take sid by its topic" but "else unsubscribe by topic which does not is string". And if topic is not a string, then it is a RegExp object. Result:

    [11605] 2018/11/20 14:02:39.579853 [TRC] 127.0.0.1:50742 - cid:1 - ->> [UNSUB /^[a-zA-Z0-9-.]+$/i]

    https://github.com/hemerajs/hemera/blob/d13b52980cbf947aaa88696f9dc9afeb4e2db6b3/packages/hemera/lib/index.js#L1018 This line should be process always

    This unsubscribe method does not work:

    nats unsubscribe gif

    opened by vdakalov 9
  • Bump jsonwebtoken from 8.2.0 to 9.0.0

    Bump jsonwebtoken from 8.2.0 to 9.0.0

    Bumps jsonwebtoken from 8.2.0 to 9.0.0.

    Changelog

    Sourced from jsonwebtoken's changelog.

    9.0.0 - 2022-12-21

    Breaking changes: See Migration from v8 to v9

    Breaking changes

    Security fixes

    • security: fixes Arbitrary File Write via verify function - CVE-2022-23529
    • security: fixes Insecure default algorithm in jwt.verify() could lead to signature validation bypass - CVE-2022-23540
    • security: fixes Insecure implementation of key retrieval function could lead to Forgeable Public/Private Tokens from RSA to HMAC - CVE-2022-23541
    • security: fixes Unrestricted key type could lead to legacy keys usage - CVE-2022-23539

    8.5.1 - 2019-03-18

    Bug fix

    Docs

    8.5.0 - 2019-02-20

    New Functionality

    Test Improvements

    Docs

    8.4.0 - 2018-11-14

    New Functionality

    ... (truncated)

    Commits
    • e1fa9dc Merge pull request from GHSA-8cf7-32gw-wr33
    • 5eaedbf chore(ci): remove github test actions job (#861)
    • cd4163e chore(ci): configure Github Actions jobs for Tests & Security Scanning (#856)
    • ecdf6cc fix!: Prevent accidental use of insecure key sizes & misconfiguration of secr...
    • 8345030 fix(sign&verify)!: Remove default none support from sign and verify met...
    • 7e6a86b Upload OpsLevel YAML (#849)
    • 74d5719 docs: update references vercel/ms references (#770)
    • d71e383 docs: document "invalid token" error
    • 3765003 docs: fix spelling in README.md: Peak -> Peek (#754)
    • a46097e docs: make decode impossible to discover before verify
    • Additional commits viewable in compare view
    Maintainer changes

    This version was pushed to npm by julien.wollscheid, a new releaser for jsonwebtoken since your current version.


    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump express from 4.16.4 to 4.17.3

    Bump express from 4.16.4 to 4.17.3

    Bumps express from 4.16.4 to 4.17.3.

    Release notes

    Sourced from express's releases.

    4.17.3

    4.17.2

    4.17.1

    • Revert "Improve error message for null/undefined to res.status"

    4.17.0

    • Add express.raw to parse bodies into Buffer
    • Add express.text to parse bodies into string

    ... (truncated)

    Changelog

    Sourced from express's changelog.

    4.17.3 / 2022-02-16

    4.17.2 / 2021-12-16

    4.17.1 / 2019-05-25

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump decode-uri-component from 0.2.0 to 0.2.2

    Bump decode-uri-component from 0.2.0 to 0.2.2

    Bumps decode-uri-component from 0.2.0 to 0.2.2.

    Release notes

    Sourced from decode-uri-component's releases.

    v0.2.2

    • Prevent overwriting previously decoded tokens 980e0bf

    https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2

    v0.2.1

    • Switch to GitHub workflows 76abc93
    • Fix issue where decode throws - fixes #6 746ca5d
    • Update license (#1) 486d7e2
    • Tidelift tasks a650457
    • Meta tweaks 66e1c28

    https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.1

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump moment from 2.24.0 to 2.29.4

    Bump moment from 2.24.0 to 2.29.4

    Bumps moment from 2.24.0 to 2.29.4.

    Changelog

    Sourced from moment's changelog.

    2.29.4

    • Release Jul 6, 2022
      • #6015 [bugfix] Fix ReDoS in preprocessRFC2822 regex

    2.29.3 Full changelog

    • Release Apr 17, 2022
      • #5995 [bugfix] Remove const usage
      • #5990 misc: fix advisory link

    2.29.2 See full changelog

    • Release Apr 3 2022

    Address https://github.com/moment/moment/security/advisories/GHSA-8hfj-j24r-96c4

    2.29.1 See full changelog

    • Release Oct 6, 2020

    Updated deprecation message, bugfix in hi locale

    2.29.0 See full changelog

    • Release Sept 22, 2020

    New locales (es-mx, bn-bd). Minor bugfixes and locale improvements. More tests. Moment is in maintenance mode. Read more at this link: https://momentjs.com/docs/#/-project-status/

    2.28.0 See full changelog

    • Release Sept 13, 2020

    Fix bug where .format() modifies original instance, and locale updates

    2.27.0 See full changelog

    • Release June 18, 2020

    Added Turkmen locale, other locale improvements, slight TypeScript fixes

    2.26.0 See full changelog

    • Release May 19, 2020

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump async from 2.6.1 to 2.6.4

    Bump async from 2.6.1 to 2.6.4

    Bumps async from 2.6.1 to 2.6.4.

    Changelog

    Sourced from async's changelog.

    v2.6.4

    • Fix potential prototype pollution exploit (#1828)

    v2.6.3

    • Updated lodash to squelch a security warning (#1675)

    v2.6.2

    • Updated lodash to squelch a security warning (#1620)
    Commits
    Maintainer changes

    This version was pushed to npm by hargasinski, a new releaser for async since your current version.


    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump follow-redirects from 1.6.1 to 1.14.8

    Bump follow-redirects from 1.6.1 to 1.14.8

    Bumps follow-redirects from 1.6.1 to 1.14.8.

    Commits
    • 3d81dc3 Release version 1.14.8 of the npm package.
    • 62e546a Drop confidential headers across schemes.
    • 2ede36d Release version 1.14.7 of the npm package.
    • 8b347cb Drop Cookie header across domains.
    • 6f5029a Release version 1.14.6 of the npm package.
    • af706be Ignore null headers.
    • d01ab7a Release version 1.14.5 of the npm package.
    • 40052ea Make compatible with Node 17.
    • 86f7572 Fix: clear internal timer on request abort to avoid leakage
    • 2e1eaf0 Keep Authorization header on subdomain redirects.
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
Releases([email protected])
Owner
HemeraJs
Software for daily business.
HemeraJs
GitHub
A microservices toolkit for Node.js.

A Node.js toolkit for Microservice architectures This open source module is sponsored and supported by Voxgig. seneca Lead Maintainer: Richard Rodger

Seneca Microservices Framework 3.9k Dec 19, 2022
Asynchronous HTTP microservices

Disclaimer: Micro was created for use within containers and is not intended for use in serverless environments. For those using Vercel, this means tha

Vercel 10.3k Jan 4, 2023
Zeronode - minimal building block for NodeJS microservices

Zeronode - minimal building block for NodeJS microservices Why Zeronode? Installation Basics Benchmark API Examples Basic Examples Basic Examples [Adv

Steadfast 120 Oct 21, 2022
Fast, unopinionated, minimalist web framework for node.

Fast, unopinionated, minimalist web framework for node. const express = require('express') const app = express() app.get('/', function (req, res) {

null 59.5k Jan 5, 2023
A progressive Node.js framework for building efficient, scalable, and enterprise-grade server-side applications on top of TypeScript & JavaScript (ES6, ES7, ES8) 🚀

A progressive Node.js framework for building efficient and scalable server-side applications. Description Nest is a framework for building efficient,

nestjs 53.2k Dec 31, 2022
Expressive middleware for node.js using ES2017 async functions

Expressive HTTP middleware framework for node.js to make web applications and APIs more enjoyable to write. Koa's middleware stack flows in a stack-li

Koa.js 33.5k Jan 4, 2023
Realtime MVC Framework for Node.js

Website Get Started Docs News Submit Issue Sails.js is a web framework that makes it easy to build custom, enterprise-grade Node.js apps. It is design

Balderdash 22.4k Dec 31, 2022
🥚 Born to build better enterprise frameworks and apps with Node.js & Koa

Features Built-in Process Management Plugin System Framework Customization Lots of plugins Quickstart Follow the commands listed below. $ mkdir showca

egg 18.3k Dec 29, 2022
Fast and low overhead web framework, for Node.js

An efficient server implies a lower cost of the infrastructure, a better responsiveness under load and happy users. How can you efficiently handle the

Fastify 26k Jan 2, 2023
📦🔐A lightweight private proxy registry build in Node.js

Version 6 (Development branch) Looking for Verdaccio 5? Check branch 5.x. Verdaccio is a simple, zero-config-required local private npm registry. No n

Verdaccio 14.3k Dec 31, 2022
The future of Node.js REST development

restify is a framework, utilizing connect style middleware for building REST APIs. For full details, see http://restify.com Follow restify on Usage Se

restify 10.6k Jan 2, 2023
🚀 The Node.js Framework highly focused on developer ergonomics, stability and confidence

Sponsored by FOSS United is a non-profit foundation that aims at promoting and strengthening the Free and Open Source Software (FOSS) ecosystem in Ind

AdonisJS Framework 13.4k Dec 31, 2022
Use full ES2015+ features to develop Node.js applications, Support TypeScript.

ThinkJS Use full ES2015+ features to develop Node.js applications, Support TypeScript. 简体中文文档 Installation npm install -g think-cli Create Application

ThinkJS 5.3k Dec 30, 2022
MVC framework making it easy to write realtime, collaborative applications that run in both Node.js and browsers

Derby The Derby MVC framework makes it easy to write realtime, collaborative applications that run in both Node.js and browsers. Derby includes a powe

DerbyJS 4.7k Dec 23, 2022
Node.js framework

Node.js framework Total.js framework is a framework for Node.js platfrom written in pure JavaScript similar to PHP's Laravel or Python's Django or ASP

Total.js 4.2k Jan 2, 2023
API Services Made Easy With Node.js

Nodal API Services Made Easy with Node.js View the website at nodaljs.com. Nodal is a web server and opinionated framework for building data manipulat

Keith Horwood 4.5k Dec 26, 2022
🍔 A Node.js Serverless Framework for front-end/full-stack developers. Build the application for next decade. Works on AWS, Alibaba Cloud, Tencent Cloud and traditional VM/Container. Super easy integrate with React and Vue. 🌈

Midway - 一个面向未来的云端一体 Node.js 框架 English | 简体中文 ?? 欢迎观看 Midway Serverless 2.0 发布会回放: https://www.bilibili.com/video/BV17A411T7Md 《Midway Serverless 发布

Midway.js 6.3k Jan 8, 2023
:evergreen_tree: Modern Web Application Framework for Node.js.

Trails is a modern, community-driven web application framework for Node.js. It builds on the pedigree of Rails and Grails to accelerate development by

Trails 1.7k Dec 19, 2022
Marble.js - functional reactive Node.js framework for building server-side applications, based on TypeScript and RxJS.

Functional reactive Node.js framework for building server-side applications, based on TypeScript and RxJS. Ecosystem Name Description @marblejs/core F

Marble.js 2.1k Dec 16, 2022