Node client for the GOV.UK Notify API
Home Page: https://docs.notifications.service.gov.uk/node.html
License: MIT License
Use this client to send emails, text messages and letters using the GOV.UK Notify API.
Useful links:
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot]")
Hi All
We're currently working on a 🇨🇦version of the Notify service.
The problem:
I recently did a test of the Node Client API and noticed the endpoint is hardcoded.
Ideally we would like to avoid creating forks of all the client libraries (the endpoint is also hardcoded in the other client libs I looked at).
The ask:
Wondering if you would accept a Pull Request which would allow that variable to be set via an environment variable while defaulting to your endpoint if that variable not available / set.
i.e.
notifyProductionAPI = the_env_var || 'https://api.notifications.service.gov.uk'
Hi,
Trying to find a working example of this setup including how to setup/generate a token.
Any examples would be great we hit a 403 as we aren't sure of token setup.
In your documentation you have instructions on how to set the proxy as:
proxyConfig = { host: proxyHost, port: proxyPort } notifyClient.setProxy(proxyConfig)
However the setProxy command only takes a string:
It is the setProxy on the APIClient that accepts an object:
Can you please advise which is the correct way for setting the proxy host and port? I think the documentation will need updating to make this clearer?
When running hapi/lab tests on an application using notifications-node-client[1] the tests were reporting the following error:
The following leaks were detected:version
This error is flagging leaked globals.
debugging lead me to this line in client/api_client.js:
var restClient = require('axios').default,
_ = require('underscore'),
createGovukNotifyToken = require('../client/authentication.js'),
notifyProductionAPI = 'https://api.notifications.service.gov.uk'
version = require('../package.json').version;
i believe there is a comma missing on the penultimate line (adding the comma resolves the test run error for me). I have a workaround but wanted to flag my findings.
Documentation for the sendEmail method states that it accepts 5 parameters:
templateId (required)emailAddress (required)personalisation (required)reference (required)emailReplyToId (optional)However, in practice, this method actually accepts 3 parameters:
templateId (required)emailAddress (required)options (optional)options should be an object, and may optionally contain any of the following keys:
personalisationreferenceemailReplyToIdThe same applies to sendSms and sendLetter methods.
According to the changelog, the methods were changed in 2017. But the documentation is out of date since it doesn't reflect these changes.
declare module "notifications-node-client" {
class NotifyClient {
constructor(apiKey: string);
sendEmail(
templateId: string,
emailAddress: string,
options: {
personalisation: any;
reference: string;
emailReplyToId?: string;
}
): Promise<any>;
sendSms(
templateId: string,
phoneNumber: string,
options?: NotificationSendOptions
): Promise<any>;
sendLetter(
templateId: string,
options?: NotificationSendOptions
): Promise<any>;
sendPrecompiledLetter(
reference: string,
pdfFile: string | Buffer,
postage?: string
): Promise<any>;
getNotificationById(notificationId: string): Promise<any>;
getNotifications(
templateType?: string,
status?: string,
reference?: string,
olderThanId?: string
): Promise<any>;
getPdfForLetterNotification(notificationId: string): Promise<Buffer>;
getTemplateById(templateId: string): Promise<any>;
getTemplateByIdAndVersion(
templateId: string,
version: number
): Promise<any>;
getAllTemplates(templateType?: string): Promise<any>;
previewTemplateById(
templateId: string,
personalisation?: any
): Promise<any>;
getReceivedTexts(olderThan?: string): Promise<any>;
setProxy(proxyConfig: any): void;
prepareUpload(fileData: any, options?: FileUploadOptions): any;
}
export = {
NotifyClient: NotifyClient,
};
export interface NotificationSendOptions {
personalisation?: any;
reference?: string;
emailReplyToId?: string;
smsSenderId?: string;
}
export interface FileUploadOptions {
isCsv?: boolean;
confirmEmailBeforeDownload?: boolean;
retentionPeriod?: number;
}
}
Perhaps consider publishing just types so an npm install with:
npm i --save-dev @types/notifications-node-client is possible?
Hi,
Please could you remove the crypto dependency (as it is no longer supported) and switch to the build in node.js crypto?
https://nodejs.org/api/crypto.html
warning notifications-node-client > [email protected]: This package is no longer supported. It's now a built-in Node module. If you've depended on crypto, you should switch to the one that's built-in.
thanks
Hello
Would you be able to bump axios to resolve https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459 so we can clear the alert in our build system?
Many thanks
I've just installed this package and even though it declares request as a dependency it does not install it.
I notice that request-promise declares request as a peer dependency. Could it be that this overrides it? Which sounds wrong to me.
Anyway - the work around is to install request as a top level dependency. So perhaps this needs to be made clear in the install instructions.
Snyk has discovered a vulnerability within this library:
✗ Low severity vulnerability found on [email protected]
- desc: Prototype Pollution
- info: https://snyk.io/vuln/npm:hoek:20180212
- from: [email protected] > [email protected] > [email protected] > [email protected] > [email protected] > [email protected]
No direct dependency upgrade can address this issue.
Run `snyk wizard` to explore remediation options.https://github.com/alphagov/notifications-node-client/blob/master/package.json#L13
We're using jsonwebtoken in a newer version which doesn't produce the above warning.
We didn't attempt to bump it for this library, so I don't know what the blowback would be.
Hi
There is a vulnerability in follow-redirects which is axiosdependency. I can see that notifications-node-client doesn't use axios 0.25.0 which I believe has the fix.
Can we update the axios to fix this issue?
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google ❤️ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.