{"id":13605318,"url":"https://github.com/npm/make-fetch-happen","last_synced_at":"2026-02-24T23:11:33.774Z","repository":{"id":35141588,"uuid":"193818300","full_name":"npm/make-fetch-happen","owner":"npm","description":"making fetch happen for npm","archived":false,"fork":false,"pushed_at":"2025-11-13T17:35:32.000Z","size":4241,"stargazers_count":205,"open_issues_count":8,"forks_count":37,"subscribers_count":9,"default_branch":"main","last_synced_at":"2026-02-20T18:10:46.699Z","etag":null,"topics":["npm-cli"],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/npm.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2019-06-26T02:52:47.000Z","updated_at":"2026-01-16T22:46:29.000Z","dependencies_parsed_at":"2023-12-07T02:20:40.840Z","dependency_job_id":"0a80d248-d4b0-4ab5-8c68-505678ebf95d","html_url":"https://github.com/npm/make-fetch-happen","commit_stats":{"total_commits":500,"total_committers":42,"mean_commits":"11.904761904761905","dds":0.69,"last_synced_commit":"ecd8f33c411096e8f79ae6f7043edab11ab29289"},"previous_names":[],"tags_count":113,"template":false,"template_full_name":null,"purl":"pkg:github/npm/make-fetch-happen","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/npm%2Fmake-fetch-happen","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/npm%2Fmake-fetch-happen/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/npm%2Fmake-fetch-happen/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/npm%2Fmake-fetch-happen/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/npm","download_url":"https://codeload.github.com/npm/make-fetch-happen/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/npm%2Fmake-fetch-happen/sbom","scorecard":{"id":509971,"data":{"date":"2025-08-11","repo":{"name":"github.com/npm/make-fetch-happen","commit":"088b79d9a6f25051d4143eb9d93f85f847fce560"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":6.5,"checks":[{"name":"Code-Review","score":10,"reason":"all changesets reviewed","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Maintained","score":4,"reason":"5 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 4","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Security-Policy","score":10,"reason":"security policy file detected","details":["Info: security policy file detected: SECURITY.md:1","Info: Found linked content: SECURITY.md:1","Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1","Info: Found text in security policy: SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Info: jobLevel 'contents' permission set to 'read': .github/workflows/codeql-analysis.yml:25","Info: jobLevel 'actions' permission set to 'read': .github/workflows/codeql-analysis.yml:24","Info: jobLevel 'contents' permission set to 'read': .github/workflows/release.yml:247","Info: topLevel 'contents' permission set to 'read': .github/workflows/audit.yml:12","Info: topLevel 'contents' permission set to 'read': .github/workflows/ci-release.yml:22","Warn: topLevel 'checks' permission set to 'write': .github/workflows/ci-release.yml:23","Info: topLevel 'contents' permission set to 'read': .github/workflows/ci.yml:16","Info: topLevel 'contents' permission set to 'read': .github/workflows/codeql-analysis.yml:17","Warn: topLevel 'contents' permission set to 'write': .github/workflows/post-dependabot.yml:8","Info: topLevel 'contents' permission set to 'read': .github/workflows/pull-request.yml:14","Info: topLevel 'contents' permission set to 'read': .github/workflows/release-integration.yml:23","Warn: topLevel 'contents' permission set to 'write': .github/workflows/release.yml:11","Warn: topLevel 'checks' permission set to 'write': .github/workflows/release.yml:13","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/audit.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/make-fetch-happen/audit.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/audit.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/make-fetch-happen/audit.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-release.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/make-fetch-happen/ci-release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-release.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/make-fetch-happen/ci-release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci-release.yml:67: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/make-fetch-happen/ci-release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-release.yml:113: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/make-fetch-happen/ci-release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-release.yml:129: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/make-fetch-happen/ci-release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci-release.yml:145: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/make-fetch-happen/ci-release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/make-fetch-happen/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/make-fetch-happen/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:89: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/make-fetch-happen/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:95: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/make-fetch-happen/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/make-fetch-happen/codeql-analysis.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/make-fetch-happen/codeql-analysis.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/make-fetch-happen/codeql-analysis.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/post-dependabot.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/make-fetch-happen/post-dependabot.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/post-dependabot.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/make-fetch-happen/post-dependabot.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/post-dependabot.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/make-fetch-happen/post-dependabot.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/make-fetch-happen/pull-request.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/make-fetch-happen/pull-request.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-integration.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/make-fetch-happen/release-integration.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-integration.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/make-fetch-happen/release-integration.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:275: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/make-fetch-happen/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:284: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/make-fetch-happen/release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:304: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/make-fetch-happen/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/make-fetch-happen/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/make-fetch-happen/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/make-fetch-happen/release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/make-fetch-happen/release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:76: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/make-fetch-happen/release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:83: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/make-fetch-happen/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:110: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/make-fetch-happen/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:119: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/make-fetch-happen/release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:136: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/make-fetch-happen/release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:162: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/make-fetch-happen/release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:199: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/make-fetch-happen/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:218: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/make-fetch-happen/release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:236: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/make-fetch-happen/release.yml/main?enable=pin","Warn: npmCommand not pinned by hash: .github/workflows/audit.yml:41","Warn: npmCommand not pinned by hash: .github/workflows/ci-release.yml:62","Warn: npmCommand not pinned by hash: .github/workflows/ci.yml:45","Warn: npmCommand not pinned by hash: .github/workflows/post-dependabot.yml:39","Warn: npmCommand not pinned by hash: .github/workflows/pull-request.yml:45","Warn: npmCommand not pinned by hash: .github/workflows/release-integration.yml:56","Warn: npmCommand not pinned by hash: .github/workflows/release.yml:50","Warn: npmCommand not pinned by hash: .github/workflows/release.yml:130","Info:   0 out of  26 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of  12 third-party GitHubAction dependencies pinned","Info:   0 out of   8 npmCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"License","score":9,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Warn: project license file does not contain an FSF or OSI license."],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"SAST","score":9,"reason":"SAST tool detected but not run on all commits","details":["Info: SAST configuration detected: CodeQL","Warn: 21 commits out of 30 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-20T00:17:52.723Z","repository_id":35141588,"created_at":"2025-08-20T00:17:52.723Z","updated_at":"2025-08-20T00:17:52.723Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29738083,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-23T04:51:08.365Z","status":"ssl_error","status_checked_at":"2026-02-23T04:49:15.865Z","response_time":90,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["npm-cli"],"created_at":"2024-08-01T19:00:57.323Z","updated_at":"2026-02-24T23:11:33.758Z","avatar_url":"https://github.com/npm.png","language":"JavaScript","funding_links":[],"categories":["JavaScript"],"sub_categories":[],"readme":"# make-fetch-happen\n[![npm version](https://img.shields.io/npm/v/make-fetch-happen.svg)](https://npm.im/make-fetch-happen) [![license](https://img.shields.io/npm/l/make-fetch-happen.svg)](https://npm.im/make-fetch-happen) [![Travis](https://img.shields.io/travis/npm/make-fetch-happen.svg)](https://travis-ci.org/npm/make-fetch-happen) [![Coverage Status](https://coveralls.io/repos/github/npm/make-fetch-happen/badge.svg?branch=latest)](https://coveralls.io/github/npm/make-fetch-happen?branch=latest)\n\n[`make-fetch-happen`](https://github.com/npm/make-fetch-happen) is a Node.js\nlibrary that wraps [`minipass-fetch`](https://github.com/npm/minipass-fetch) with additional\nfeatures [`minipass-fetch`](https://github.com/npm/minipass-fetch) doesn't intend to include, including HTTP Cache support, request\npooling, proxies, retries, [and more](#features)!\n\n## Install\n\n`$ npm install --save make-fetch-happen`\n\n## Table of Contents\n\n* [Example](#example)\n* [Features](#features)\n* [Contributing](#contributing)\n* [API](#api)\n  * [`fetch`](#fetch)\n  * [`fetch.defaults`](#fetch-defaults)\n  * [`minipass-fetch` options](#minipass-fetch-options)\n  * [`make-fetch-happen` options](#extra-options)\n    * [`opts.cachePath`](#opts-cache-path)\n    * [`opts.cache`](#opts-cache)\n    * [`opts.cacheAdditionalHeaders`](#opts-cache-additional-headers)\n    * [`opts.proxy`](#opts-proxy)\n    * [`opts.noProxy`](#opts-no-proxy)\n    * [`opts.ca, opts.cert, opts.key`](#https-opts)\n    * [`opts.maxSockets`](#opts-max-sockets)\n    * [`opts.retry`](#opts-retry)\n    * [`opts.onRetry`](#opts-onretry)\n    * [`opts.integrity`](#opts-integrity)\n    * [`opts.dns`](#opts-dns)\n* [Message From Our Sponsors](#wow)\n\n### Example\n\n```javascript\nconst fetch = require('make-fetch-happen').defaults({\n  cachePath: './my-cache' // path where cache will be written (and read)\n})\n\nfetch('https://registry.npmjs.org/make-fetch-happen').then(res =\u003e {\n  return res.json() // download the body as JSON\n}).then(body =\u003e {\n  console.log(`got ${body.name} from web`)\n  return fetch('https://registry.npmjs.org/make-fetch-happen', {\n    cache: 'no-cache' // forces a conditional request\n  })\n}).then(res =\u003e {\n  console.log(res.status) // 304! cache validated!\n  return res.json().then(body =\u003e {\n    console.log(`got ${body.name} from cache`)\n  })\n})\n```\n\n### Features\n\n* Builds around [`minipass-fetch`](https://npm.im/minipass-fetch) for the core [`fetch` API](https://fetch.spec.whatwg.org) implementation\n* Request pooling out of the box\n* Quite fast, really\n* Automatic HTTP-semantics-aware request retries\n* Cache-fallback automatic \"offline mode\"\n* Built-in request caching following full HTTP caching rules (`Cache-Control`, `ETag`, `304`s, cache fallback on error, etc).\n* Node.js Stream support\n* Transparent gzip and deflate support\n* [Subresource Integrity](https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity) support\n* Proxy support (http, https, socks, socks4, socks5. via [`@npmcli/agent`](https://npm.im/@npmcli/agent))\n* DNS cache (via ([`@npmcli/agent`](https://npm.im/@npmcli/agent))\n\n#### \u003ca name=\"fetch\"\u003e\u003c/a\u003e `\u003e fetch(uriOrRequest, [opts]) -\u003e Promise\u003cResponse\u003e`\n\nThis function implements most of the [`fetch` API](https://developer.mozilla.org/en-US/docs/Web/API/WindowOrWorkerGlobalScope/fetch): given a `uri` string or a `Request` instance, it will fire off an http request and return a Promise containing the relevant response.\n\nIf `opts` is provided, the [`minipass-fetch`-specific options](#minipass-fetch-options) will be passed to that library. There are also [additional options](#extra-options) specific to make-fetch-happen that add various features, such as HTTP caching, integrity verification, proxy support, and more.\n\n##### Example\n\n```javascript\nfetch('https://google.com').then(res =\u003e res.buffer())\n```\n\n#### \u003ca name=\"fetch-defaults\"\u003e\u003c/a\u003e `\u003e fetch.defaults([defaultUrl], [defaultOpts])`\n\nReturns a new `fetch` function that will call `make-fetch-happen` using `defaultUrl` and `defaultOpts` as default values to any calls.\n\nA defaulted `fetch` will also have a `.defaults()` method, so they can be chained.\n\n##### Example\n\n```javascript\nconst fetch = require('make-fetch-happen').defaults({\n  cachePath: './my-local-cache'\n})\n\nfetch('https://registry.npmjs.org/make-fetch-happen') // will always use the cache\n```\n\n#### \u003ca name=\"minipass-fetch-options\"\u003e\u003c/a\u003e `\u003e minipass-fetch options`\n\nThe following options for `minipass-fetch` are used as-is:\n\n* method\n* body\n* redirect\n* follow\n* timeout\n* compress\n* size\n\nThese other options are modified or augmented by make-fetch-happen:\n\n* headers - Default `User-Agent` set to make-fetch happen. `Connection` is set to `keep-alive` or `close` automatically depending on `opts.agent`.\n\nFor more details, see [the documentation for `minipass-fetch` itself](https://github.com/npm/minipass-fetch#options).\n\n#### \u003ca name=\"extra-options\"\u003e\u003c/a\u003e `\u003e make-fetch-happen options`\n\nmake-fetch-happen augments the `minipass-fetch` API with additional features available through extra options. The following extra options are available:\n\n* [`opts.cachePath`](#opts-cache-path) - Cache target to read/write\n* [`opts.cache`](#opts-cache) - `fetch` cache mode. Controls cache *behavior*.\n* [`opts.cacheAdditionalHeaders`](#opts-cache-additional-headers) - Store additional headers in the cache\n* [`opts.proxy`](#opts-proxy) - Proxy agent\n* [`opts.noProxy`](#opts-no-proxy) - Domain segments to disable proxying for.\n* [`opts.ca, opts.cert, opts.key, opts.strictSSL`](#https-opts)\n* [`opts.localAddress`](#opts-local-address)\n* [`opts.maxSockets`](#opts-max-sockets)\n* [`opts.retry`](#opts-retry) - Request retry settings\n* [`opts.onRetry`](#opts-onretry) - a function called whenever a retry is attempted\n* [`opts.integrity`](#opts-integrity) - [Subresource Integrity](https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity) metadata.\n* [`opts.dns`](#opts-dns) - DNS cache options\n* [`opts.agent`](#opts-agent) - http/https/proxy/socks agent options.  See [`@npmcli/agent`](https://npm.im/@npmcli/agent) for more info.\n\n#### \u003ca name=\"opts-cache-path\"\u003e\u003c/a\u003e `\u003e opts.cachePath`\n\nA string `Path` to be used as the cache root for [`cacache`](https://npm.im/cacache).\n\n**NOTE**: Requests will not be cached unless their response bodies are consumed. You will need to use one of the `res.json()`, `res.buffer()`, etc methods on the response, or drain the `res.body` stream, in order for it to be written.\n\nThe default cache manager also adds the following headers to cached responses:\n\n* `X-Local-Cache`: Path to the cache the content was found in\n* `X-Local-Cache-Key`: Unique cache entry key for this response\n* `X-Local-Cache-Mode`: Always `stream` to indicate how the response was read from cacache\n* `X-Local-Cache-Hash`: Specific integrity hash for the cached entry\n* `X-Local-Cache-Status`: One of `miss`, `hit`, `stale`, `revalidated`, `updated`, or `skip` to signal how the response was created\n* `X-Local-Cache-Time`: UTCString of the cache insertion time for the entry\n\nUsing [`cacache`](https://npm.im/cacache), a call like this may be used to\nmanually fetch the cached entry:\n\n```javascript\nconst h = response.headers\ncacache.get(h.get('x-local-cache'), h.get('x-local-cache-key'))\n\n// grab content only, directly:\ncacache.get.byDigest(h.get('x-local-cache'), h.get('x-local-cache-hash'))\n```\n\n##### Example\n\n```javascript\nfetch('https://registry.npmjs.org/make-fetch-happen', {\n  cachePath: './my-local-cache'\n}) // -\u003e 200-level response will be written to disk\n```\n\n#### \u003ca name=\"opts-cache\"\u003e\u003c/a\u003e `\u003e opts.cache`\n\nThis option follows the standard `fetch` API cache option. This option will do nothing if [`opts.cachePath`](#opts-cache-path) is null. The following values are accepted (as strings):\n\n* `default` - Fetch will inspect the HTTP cache on the way to the network. If there is a fresh response it will be used. If there is a stale response a conditional request will be created, and a normal request otherwise. It then updates the HTTP cache with the response. If the revalidation request fails (for example, on a 500 or if you're offline), the stale response will be returned.\n* `no-store` - Fetch behaves as if there is no HTTP cache at all.\n* `reload` - Fetch behaves as if there is no HTTP cache on the way to the network. Ergo, it creates a normal request and updates the HTTP cache with the response.\n* `no-cache` - Fetch creates a conditional request if there is a response in the HTTP cache and a normal request otherwise. It then updates the HTTP cache with the response.\n* `force-cache` - Fetch uses any response in the HTTP cache matching the request, not paying attention to staleness. If there was no response, it creates a normal request and updates the HTTP cache with the response.\n* `only-if-cached` - Fetch uses any response in the HTTP cache matching the request, not paying attention to staleness. If there was no response, it returns a network error. (Can only be used when request’s mode is \"same-origin\". Any cached redirects will be followed assuming request’s redirect mode is \"follow\" and the redirects do not violate request’s mode.)\n\n(Note: option descriptions are taken from https://fetch.spec.whatwg.org/#http-network-or-cache-fetch)\n\n##### Example\n\n```javascript\nconst fetch = require('make-fetch-happen').defaults({\n  cachePath: './my-cache'\n})\n\n// Will error with ENOTCACHED if we haven't already cached this url\nfetch('https://registry.npmjs.org/make-fetch-happen', {\n  cache: 'only-if-cached'\n})\n\n// Will refresh any local content and cache the new response\nfetch('https://registry.npmjs.org/make-fetch-happen', {\n  cache: 'reload'\n})\n\n// Will use any local data, even if stale. Otherwise, will hit network.\nfetch('https://registry.npmjs.org/make-fetch-happen', {\n  cache: 'force-cache'\n})\n```\n\n#### \u003ca name=\"opts-cache-additional-headers\"\u003e\u003c/a\u003e `\u003e opts.cacheAdditionalHeaders`\n\nThe following headers are always stored in the cache when present:\n\n- `cache-control`\n- `content-encoding`\n- `content-language`\n- `content-type`\n- `date`\n- `etag`\n- `expires`\n- `last-modified`\n- `link`\n- `location`\n- `pragma`\n- `vary`\n\nThis option allows a user to store additional custom headers in the cache.\n\n\n##### Example\n\n```javascript\nfetch('https://registry.npmjs.org/make-fetch-happen', {\n  cacheAdditionalHeaders: ['my-custom-header'],\n})\n```\n\n#### \u003ca name=\"opts-proxy\"\u003e\u003c/a\u003e `\u003e opts.proxy`\n\nA string or `new url.URL()`-d URI to proxy through. Different Proxy handlers will be\nused depending on the proxy's protocol.\n\nAdditionally, `process.env.HTTP_PROXY`, `process.env.HTTPS_PROXY`, and\n`process.env.PROXY` are used if present and no `opts.proxy` value is provided.\n\n(Pending) `process.env.NO_PROXY` may also be configured to skip proxying requests for all, or specific domains.\n\n##### Example\n\n```javascript\nfetch('https://registry.npmjs.org/make-fetch-happen', {\n  proxy: 'https://corporate.yourcompany.proxy:4445'\n})\n\nfetch('https://registry.npmjs.org/make-fetch-happen', {\n  proxy: {\n    protocol: 'https:',\n    hostname: 'corporate.yourcompany.proxy',\n    port: 4445\n  }\n})\n```\n\n#### \u003ca name=\"opts-no-proxy\"\u003e\u003c/a\u003e `\u003e opts.noProxy`\n\nIf present, should be a comma-separated string or an array of domain extensions\nthat a proxy should _not_ be used for.\n\nThis option may also be provided through `process.env.NO_PROXY`.\n\n#### \u003ca name=\"https-opts\"\u003e\u003c/a\u003e `\u003e opts.ca, opts.cert, opts.key, opts.strictSSL`\n\nThese values are passed in directly to the HTTPS agent and will be used for both\nproxied and unproxied outgoing HTTPS requests. They mostly correspond to the\nsame options the `https` module accepts, which will be themselves passed to\n`tls.connect()`. `opts.strictSSL` corresponds to `rejectUnauthorized`.\n\n#### \u003ca name=\"opts-local-address\"\u003e\u003c/a\u003e `\u003e opts.localAddress`\n\nPassed directly to `http` and `https` request calls. Determines the local\naddress to bind to.\n\n#### \u003ca name=\"opts-max-sockets\"\u003e\u003c/a\u003e `\u003e opts.maxSockets`\n\nDefault: 15\n\nMaximum number of active concurrent sockets to use for the underlying\nHttp/Https/Proxy agents. This setting applies once per spawned agent.\n\n15 is probably a _pretty good value_ for most use-cases, and balances speed\nwith, uh, not knocking out people's routers. 🤓\n\n#### \u003ca name=\"opts-retry\"\u003e\u003c/a\u003e `\u003e opts.retry`\n\nAn object that can be used to tune request retry settings. Retries will only be attempted on the following conditions:\n\n* Request method is NOT `POST` AND\n* Request status is one of: `408`, `420`, `429`, or any status in the 500-range. OR\n* Request errored with `ECONNRESET`, `ECONNREFUSED`, `EADDRINUSE`, `ETIMEDOUT`, or the `fetch` error `request-timeout`.\n\nThe following are worth noting as explicitly not retried:\n\n* `getaddrinfo ENOTFOUND` and will be assumed to be either an unreachable domain or the user will be assumed offline. If a response is cached, it will be returned immediately.\n\nIf `opts.retry` is `false`, it is equivalent to `{retries: 0}`\n\nIf `opts.retry` is a number, it is equivalent to `{retries: num}`\n\nThe following retry options are available if you want more control over it:\n\n* retries\n* factor\n* minTimeout\n* maxTimeout\n* randomize\n\nFor details on what each of these do, refer to the [`retry`](https://npm.im/retry) documentation.\n\n##### Example\n\n```javascript\nfetch('https://flaky.site.com', {\n  retry: {\n    retries: 10,\n    randomize: true\n  }\n})\n\nfetch('http://reliable.site.com', {\n  retry: false\n})\n\nfetch('http://one-more.site.com', {\n  retry: 3\n})\n```\n\n#### \u003ca name=\"opts-onretry\"\u003e\u003c/a\u003e `\u003e opts.onRetry`\n\nA function called with the response or error which caused the retry whenever one is attempted.\n\n##### Example\n\n```javascript\nfetch('https://flaky.site.com', {\n  onRetry(cause) {\n    console.log('we will retry because of', cause)\n  }\n})\n```\n\n#### \u003ca name=\"opts-integrity\"\u003e\u003c/a\u003e `\u003e opts.integrity`\n\nMatches the response body against the given [Subresource Integrity](https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity) metadata. If verification fails, the request will fail with an `EINTEGRITY` error.\n\n`integrity` may either be a string or an [`ssri`](https://npm.im/ssri) `Integrity`-like.\n\n##### Example\n\n```javascript\nfetch('https://registry.npmjs.org/make-fetch-happen/-/make-fetch-happen-1.0.0.tgz', {\n  integrity: 'sha1-o47j7zAYnedYFn1dF/fR9OV3z8Q='\n}) // -\u003e ok\n\nfetch('https://malicious-registry.org/make-fetch-happen/-/make-fetch-happen-1.0.0.tgz', {\n  integrity: 'sha1-o47j7zAYnedYFn1dF/fR9OV3z8Q='\n}) // Error: EINTEGRITY\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnpm%2Fmake-fetch-happen","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fnpm%2Fmake-fetch-happen","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnpm%2Fmake-fetch-happen/lists"}