{"id":31052694,"url":"https://github.com/getconversio/node-bigcommerce","last_synced_at":"2025-09-15T01:05:21.786Z","repository":{"id":25803218,"uuid":"29242092","full_name":"getconversio/node-bigcommerce","owner":"getconversio","description":"A node module for authentication and use with the BigCommerce API","archived":false,"fork":false,"pushed_at":"2023-08-08T10:43:20.000Z","size":352,"stargazers_count":93,"open_issues_count":11,"forks_count":57,"subscribers_count":19,"default_branch":"master","last_synced_at":"2025-08-16T02:32:01.364Z","etag":null,"topics":["api-client","bigcommerce","javascript","node-bigcommerce","nodejs"],"latest_commit_sha":null,"homepage":null,"language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/getconversio.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2015-01-14T11:56:40.000Z","updated_at":"2024-06-12T07:41:03.000Z","dependencies_parsed_at":"2024-06-18T15:28:11.806Z","dependency_job_id":null,"html_url":"https://github.com/getconversio/node-bigcommerce","commit_stats":{"total_commits":144,"total_committers":13,"mean_commits":"11.076923076923077","dds":"0.39583333333333337","last_synced_commit":"40b9fb2d948ff0fa2f19d31fbf872754fb6cfe35"},"previous_names":["receiptful/node-bigcommerce"],"tags_count":20,"template":false,"template_full_name":null,"purl":"pkg:github/getconversio/node-bigcommerce","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/getconversio%2Fnode-bigcommerce","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/getconversio%2Fnode-bigcommerce/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/getconversio%2Fnode-bigcommerce/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/getconversio%2Fnode-bigcommerce/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/getconversio","download_url":"https://codeload.github.com/getconversio/node-bigcommerce/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/getconversio%2Fnode-bigcommerce/sbom","scorecard":{"id":424151,"data":{"date":"2025-08-11","repo":{"name":"github.com/getconversio/node-bigcommerce","commit":"40b9fb2d948ff0fa2f19d31fbf872754fb6cfe35"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":2.5,"checks":[{"name":"Pinned-Dependencies","score":-1,"reason":"no dependencies found","details":null,"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Code-Review","score":6,"reason":"Found 8/13 approved changesets -- score normalized to 6","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 30 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":0,"reason":"25 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92","Warn: Project is vulnerable to: GHSA-6chw-6frg-f759","Warn: Project is vulnerable to: GHSA-v88g-cgmw-v5xw","Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw","Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw","Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275","Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c","Warn: Project is vulnerable to: GHSA-2j2x-2gpw-g8fm","Warn: Project is vulnerable to: GHSA-4q6p-r6v2-jvc5","Warn: Project is vulnerable to: GHSA-765h-qjxv-5f44","Warn: Project is vulnerable to: GHSA-f2jv-r9rf-7988","Warn: Project is vulnerable to: GHSA-43f8-2h32-f4cj","Warn: Project is vulnerable to: GHSA-p6mc-m468-83gw","Warn: Project is vulnerable to: GHSA-29mw-wpgm-hmr9","Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm","Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3","Warn: Project is vulnerable to: GHSA-vh95-rmgr-6w4m","Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h","Warn: Project is vulnerable to: GHSA-hj48-42vr-x3v9","Warn: Project is vulnerable to: GHSA-g6ww-v8xp-vmwg","Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp","Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw","Warn: Project is vulnerable to: GHSA-52f5-9888-hmc6","Warn: Project is vulnerable to: GHSA-c4w7-xm78-47vh","Warn: Project is vulnerable to: GHSA-p9pc-299p-vxgp"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-19T01:54:36.515Z","repository_id":25803218,"created_at":"2025-08-19T01:54:36.515Z","updated_at":"2025-08-19T01:54:36.515Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":275189874,"owners_count":25420665,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-14T02:00:10.474Z","response_time":75,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["api-client","bigcommerce","javascript","node-bigcommerce","nodejs"],"created_at":"2025-09-15T01:05:20.418Z","updated_at":"2025-09-15T01:05:21.736Z","avatar_url":"https://github.com/getconversio.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Bigcommerce for Node.js\n\n[![Build Status](https://travis-ci.org/getconversio/node-bigcommerce.svg?branch=master)](https://travis-ci.org/getconversio/node-bigcommerce)\n\nA node module for authentication and use with the BigCommerce API\n\n## Installation\n\nTo install the module using NPM:\n\n```\nnpm install node-bigcommerce\n```\n\nOr Yarn:\n```\nyarn add node-bigcommerce\n```\n\n## Setup\n\nInclude the 'node-bigcommerce' module within your script and instantiate it with a config:\n\n```javascript\nconst BigCommerce = require('node-bigcommerce');\n\nconst bigCommerce = new BigCommerce({\n  logLevel: 'info',\n  clientId: '128ecf542a35ac5270a87dc740918404',\n  secret: 'acbd18db4cc2f85cedef654fccc4a4d8',\n  callback: 'https://myapplication.com/auth',\n  responseType: 'json',\n  headers: { 'Accept-Encoding': '*' }, // Override headers (Overriding the default encoding of GZipped is useful in development)\n  apiVersion: 'v3' // Default is v2\n});\n```\n\n##### Instantiating a BigCommerce instance without a config object will result in an error\n\n## Authorization\n\nSet up your Big Commerce as above and pass the following configuration options in:\n\n```\n{\n  clientId: 'Your application's client ID',\n  secret: 'Your secret',\n  callback: 'The location you want the app to return to on success',\n  responseType: 'json'\n}\n```\n\nYou will be able to get your Client ID and Secret within your application setup. Below is an example using Express' routes:\n\n```javascript\nconst express = require('express'),\n  router = express.Router(),\n  BigCommerce = require('node-bigcommerce');\n\nconst bigCommerce = new BigCommerce({\n  clientId: '128ecf542a35ac5270a87dc740918404',\n  secret: 'acbd18db4cc2f85cedef654fccc4a4d8',\n  callback: 'https://myapplication.com/auth',\n  responseType: 'json'\n});\n\nrouter.get('/auth', (req, res, next) =\u003e {\n  bigCommerce.authorize(req.query)\n    .then(data =\u003e res.render('integrations/auth', { title: 'Authorized!', data: data })\n    .catch(next);\n  });\n});\n```\n\nThe `authorize` method requires the query parameters from the request to be passed. These are required to request a permanent access token which will be passed back in the data object.\n\nAn example data object:\n\n```\n{\n  access_token: '9df3b01c60df20d13843841ff0d4482c',\n  scope: 'store_v2_orders_read_only store_v2_products_read_only users_basic_information store_v2_default',\n  user: {\n    id: 12345,\n    username: 'John Smith',\n    email: 'john@success.com'\n  },\n  context: 'stores/x43tqo'\n}\n```\n\nFrom this object you can store the `access_token` for re-use when calling the Big Commerce API.\n\n## Load \u0026 Uninstall\n\nThe only configuration element required to use the `verify` method (used for both load and uninstall endpoints) is `secret`. Below is an example using Express' routes:\n\n```javascript\nconst express = require('express'),\n  router = express.Router(),\n  BigCommerce = require('node-bigcommerce');\n\nconst bigCommerce = new BigCommerce({\n  secret: 'acbd18db4cc2f85cedef654fccc4a4d8',\n  responseType: 'json'\n});\n\nrouter.get('/load', (req, res, next) =\u003e {\n  try {\n    const data = bigCommerce.verify(req.query['signed_payload']);\n    res.render('integrations/welcome', { title: 'Welcome!', data: data });\n  } catch (err) {\n    next(err);\n  }\n});\n```\n\nThe `verify` method requires the `signed_payload` query parameter to be passed from the request. This is used to verify that the request has come from Big Commerce. The `verify` method returns the following object:\n\n```\n{\n  user: {\n    id: 12345,\n    email: 'john@success.com'\n  },\n  context: 'stores/x43tqo',\n  store_hash: 'x43tqo',\n  timestamp: 1421748597.4395974\n}\n```\n\nThis will allow you to automatically log the user in (if required) when BigCommerce calls the load endpoint or remove/label a user that has uninstalled your application from their Big Commerce account.\n\n## Calling the API\n\nThe API can be called once the user has been authorized and has an access token. There is a helper for each type of request available within Big Commerce (GET, POST, PUT, DELETE).\n\nTo make an API Request you will need the following minimum configuration:\n\n```\n{\n  clientId: 'Your application's client ID',\n  accessToken: 'Token assigned to the user during authorisation',\n  storeHash: 'The short hash for the store',\n  responseType: 'json'\n}\n```\nParameters that are added to the url need to be escaped before they are passed as part of the path of any call:\n\n```javascript\nconst path = '/products?name=' + escape('Plain T-Shirt');\n```\n\n\n### GET\n\nThe `Get` call requires a path: get(path):\n\n```javascript\nconst BigCommerce = require('node-bigcommerce');\n\nconst bigCommerce = new BigCommerce({\n  clientId: '128ecf542a35ac5270a87dc740918404'\n  accessToken: '9df3b01c60df20d13843841ff0d4482c',\n  responseType: 'json'\n});\n\nbigCommerce.get('/products')\n  .then(data =\u003e {\n    // Catch any errors, or handle the data returned\n  });\n```\n\n### POST \u0026 PUT\n\nThe 'POST' \u0026 'PUT' calls requires a path with optional data to be sent: post(path, data):\n\n```javascript\nvar BigCommerce = require('node-bigcommerce');\n\nvar bigCommerce = new BigCommerce({\n  clientId: '128ecf542a35ac5270a87dc740918404'\n  accessToken: '9df3b01c60df20d13843841ff0d4482c',\n  responseType: 'json'\n});\n\nvar product = {\n  name: 'Plain T-Shirt',\n  type: 'physical',\n  description: 'This timeless fashion staple will never go out of style!',\n  price: '29.99',\n  categories: [18],\n  availability: 'available',\n  weight: '0.5'\n}\n\n// Replace 'post' with 'put' for a put call\nbigCommerce.post('/products', product)\n  .then(data =\u003e {\n  // Catch any errors, or handle the data returned\n  });\n```\n\n### DELETE\n\nThe 'DELETE' call requires a path: delete(path). A delete call will not return any data and will return a response status of 204.\n\n```javascript\nconst BigCommerce = require('node-bigcommerce');\n\nconst bigCommerce = new BigCommerce({\n  clientId: '128ecf542a35ac5270a87dc740918404',\n  accessToken: '9df3b01c60df20d13843841ff0d4482c'\n});\n\nbigCommerce.delete('/products/' + productId)\n  .then(() =\u003e {\n  // Catch any errors, data will be null\n  });\n```\n\n## Debugging\n\nWe use `debug`, so just run with environment variable DEBUG set to `node-bigcommerce:*`\n\n```js\n$ DEBUG=node-bigcommerce:* node my_test.js\n```\n\n## Response Type\n\nYou may require the Big Commerce API to return data in a specific format. To return in either JSON or XML just add a 'responseType' to the config:\n\n```javascript\nconst BigCommerce = require('node-bigcommerce');\n\nconst bigCommerce = new BigCommerce({\n  logLevel: 'info',\n  clientId: '128ecf542a35ac5270a87dc740918404',\n  accessToken: '9df3b01c60df20d13843841ff0d4482c',\n  responseType: 'xml'\n});\n\nbigCommerce.post('/products?name=' + escape('Plain T-Shirt'))\n  .then(data =\u003e {\n  // Catch any errors, data will be null\n  });\n```\n\nNote that when returning in JSON the data will be parsed into an object, XML will not, and will return a string. When no response type is given the type will resort to whatever the BigCommerce default is.\n\nWebhooks can only be JSON so when dealing with the '/hooks' endpoint leave the responseType blank (or null).\n\n## Testing\n\n```\nyarn test\n```\n\n## Contributing\n\nThis module was originally written to be used with [Conversio](https://conversio.com) and is used in a production environment currently. This will ensure that this module is well maintained, bug free and as up to date as possible.\n\nConversio's developers will continue to make updates as often as required to have a consistently bug free platform, but we are happy to review any feature requests or issues and are accepting constructive pull requests.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgetconversio%2Fnode-bigcommerce","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fgetconversio%2Fnode-bigcommerce","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgetconversio%2Fnode-bigcommerce/lists"}