{"id":37718030,"url":"https://github.com/tchar/xml-express-middleware","last_synced_at":"2026-01-16T13:29:56.339Z","repository":{"id":57401822,"uuid":"129157578","full_name":"tchar/xml-express-middleware","owner":"tchar","description":"Middleware that modifies the send function of express res.send to respond with xml. It also provides a res.xml method to reply with xml on demand","archived":false,"fork":false,"pushed_at":"2018-04-17T12:38:14.000Z","size":152,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-09-28T05:00:44.821Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/tchar.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2018-04-11T21:42:27.000Z","updated_at":"2018-04-16T09:26:53.000Z","dependencies_parsed_at":"2022-09-15T18:41:13.430Z","dependency_job_id":null,"html_url":"https://github.com/tchar/xml-express-middleware","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/tchar/xml-express-middleware","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tchar%2Fxml-express-middleware","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tchar%2Fxml-express-middleware/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tchar%2Fxml-express-middleware/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tchar%2Fxml-express-middleware/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/tchar","download_url":"https://codeload.github.com/tchar/xml-express-middleware/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tchar%2Fxml-express-middleware/sbom","scorecard":{"id":870596,"data":{"date":"2025-08-11","repo":{"name":"github.com/tchar/xml-express-middleware","commit":"4091dba7b06d05828be49d92af7090df8ae99ce9"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":1.7,"checks":[{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Pinned-Dependencies","score":-1,"reason":"no dependencies found","details":null,"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Code-Review","score":0,"reason":"Found 0/30 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"SAST","score":0,"reason":"no SAST tool detected","details":["Warn: no pull requests merged into dev branch"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Vulnerabilities","score":0,"reason":"29 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-v88g-cgmw-v5xw","Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7","Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw","Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x","Warn: Project is vulnerable to: GHSA-rq8g-5pc5-wrhr","Warn: Project is vulnerable to: GHSA-rv95-896h-c2vc","Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx","Warn: Project is vulnerable to: GHSA-qrmc-fj45-qfc2","Warn: Project is vulnerable to: GHSA-fjxv-7rqg-78g4","Warn: Project is vulnerable to: GHSA-44pw-h2cw-w3vq","Warn: Project is vulnerable to: GHSA-c429-5p7v-vgjp","Warn: Project is vulnerable to: GHSA-896r-f27r-55mw","Warn: Project is vulnerable to: GHSA-4xc9-xhrj-v574","Warn: Project is vulnerable to: GHSA-x5rq-j2xg-h7qm","Warn: Project is vulnerable to: GHSA-jf85-cpcp-j695","Warn: Project is vulnerable to: GHSA-p6mc-m468-83gw","Warn: Project is vulnerable to: GHSA-29mw-wpgm-hmr9","Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm","Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3","Warn: Project is vulnerable to: GHSA-vh95-rmgr-6w4m","Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h","Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j","Warn: Project is vulnerable to: GHSA-rhx6-c78j-4q9w","Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp","Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6","Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg","Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p","Warn: Project is vulnerable to: GHSA-mf6x-7mm4-x2g7","Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-24T04:05:46.821Z","repository_id":57401822,"created_at":"2025-08-24T04:05:46.821Z","updated_at":"2025-08-24T04:05:46.821Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28479033,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-16T11:59:17.896Z","status":"ssl_error","status_checked_at":"2026-01-16T11:55:55.838Z","response_time":107,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2026-01-16T13:29:56.278Z","updated_at":"2026-01-16T13:29:56.330Z","avatar_url":"https://github.com/tchar.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# XML Express Middleware\n\n## How to use\nRun\n```bash\nnpm install xml-express-middleware --save\n```\n\nThis module exposes two middlewares\n\n## xml\nThis middleware adds an xml function to res to use with res.xml\n\n### Usage\n```javascript\nconst app = require('express')();\nconst xmlMiddleware = require('xml-express-middleware').xml;\nconst options = {\n    // Define your options\n};\n\napp.use(xmlMiddleware(options));\n\napp.get('/', function(req, res, next){\n    res.xml({\n        someProperty: 'someValue',\n        someOtherProperty: ['someOtherValue1', 'someOtherValue2']\n    });\n});\n\napp.listen(8080);\n```\n\nIn the above example if you perform an xml request on http://localhost:8080/ you will get the following xml response\n```xml\n\u003c?xml version=\"1.0\" encoding=\"utf-8\"?\u003e\n\u003csomeProperty\u003e\n    someValue\n\u003c/someProperty\u003e\n\u003csomeOtherProperties\u003e\n    \u003csomeOtherProperty\u003e\n        someOtherValue1\n    \u003c/someOtherProperty\u003e\n    \u003csomeOtherProperty\u003e\n        someOtherValue2\n    \u003c/someOtherProperty\u003e\n\u003c/someOtherProperties\u003e\n```\n\n### Options\nThe following options can be passed\n\nProperty | Value | Description\n--- | --- | ---\ntransformXmlKeys | string:['decamelize','camelize','none'], default:'none' | transform the xml keys \nrootXmlKey | string, default:elements | adds root xml key when the json is an array\nxmlName | string, default: 'xml' | the name of the function to be added to res. default is xml meaning it will add an xml method to res.\nnoXmlTransform | boolean, default: false | if true does not transform the original json to xml and ignores all other xml related options\n\nSo for example the following json response\n```json\n[{\n    \"someKey\": \"someValue1\"\n},{\n    \"someKey\": \"someValue2\"\n}]\n```\nby using\n```javascript\napp.use(require('xml-express-middleware').xml({transformXmlKeys: 'decamelize', rootXmlKey: 'someElement'}))\n```\nwill produce a response\n```xml\n\u003c?xml version=\"1.0\" encoding=\"utf-8\"?\u003e\n\u003csome_elements\u003e\n    \u003csome_element\u003e\n        \u003csome_key\u003e\n            someValue1\n        \u003c/some_key\u003e\n    \u003c/some_element\u003e\n    \u003csome_element\u003e\n        \u003csome_key\u003e\n            someValue2\n        \u003c/some_key\u003e\n    \u003c/some_element\u003e\n\u003c/some_elements\u003e\n```\n\n**Note: undefined and null values will be transformed to '' in the xml in order to avoid having undefined values. So a value with the respecive keyname \"key\" will result in the \u003ckey/\u003e xml version of it. In the relevant json response, null and undefined values are not transformed.**\n\n**Note: If the json is an array then you should use the option rootXmlKey to add a root to your xml, otherwise the keys will have a default root element named 'elements'. You can use this middleware in a specific express path instead of app.use(xmlMiddleware()), in order to have different root keys if need be.**\n\n## send\nThis middleware by default replaces the send function of express' res.send method with the equivalent send version which sends an xml response\nwhen the header proper `Accept` header is set (default `application/xml`, `text/xml`).\n\nIn this way you can use res.send() and let the function handle the response type. If there is no header and the data to be sent is an object, then res.json is used otherwise the original epxress' res.send is used.\n\nIt can also be defined through optons the send name to be assigned to res if you don't want to override res's default send function.\n\n### Usage\n```javascript\nconst app = require('express')();\nconst sendMiddleware = require('xml-express-middleware');\n//or\nconst sendMiddleware = require('xml-express-middleware').send;\nconst options = {\n    // Define your options\n};\n\napp.use(sendMiddleware(options));\n\napp.get('/', function(req, res, next){\n    res.send({\n        someProperty: 'someValue',\n        someOtherProperty: ['someOtherValue1', 'someOtherValue2']\n    });\n});\n\napp.listen(8080);\n```\nif `Accept` headers are not set the response will be:\n```json\n{\n    \"someProperty\": \"someValue\",\n    \"someOtherProperty\": [\n        \"someOtherValue1\",\n        \"someOtherValue2\"\n    ]\n}\n```\n\nwhereas if `Accept: application/xml` or `Accept: application/xml` header is set the response will be (with no options):\n```xml\n\u003c?xml version=\"1.0\" encoding=\"utf-8\"?\u003e\n\u003csomeProperty\u003e\n    someValue\n\u003c/someProperty\u003e\n\u003csomeOtherProperties\u003e\n    \u003csomeOtherProperty\u003e\n        someOtherValue1\n    \u003c/someOtherProperty\u003e\n    \u003csomeOtherProperty\u003e\n        someOtherValue2\n    \u003c/someOtherProperty\u003e\n\u003c/someOtherProperties\u003e\n```\n\n### Options\nThe options are a superset of the options from the xml middleware\n\nKey | Value | Description\n--- | --- | ---\ntransformXmlKeys | string:['decamelize','camelize','none'], default:'none' | transform the xml keys\nrootXmlKey | string, default:elements | adds a root xml to the xml tree only when the json is an array\ntransformJsonKeys | string:['decamelize','camelize','none'], default:'none' | transform the json properties\nsendName | string, default: 'send' | the name of the function to be added to res. default is send meaning res' default send method will be overriden.\nxmlAcceptHeaders | array of strings or RegExp, default ['application/xml', 'text/xml'] | the headers which res.send checks to send a response in xml. You can pass a RegExp instead of an array of strings.\nnoXmlTransform | boolean, default: false | if true does not transform the original json to xml and ignores all other xml related options\n\n## Tests\nYou can run the tests using npm test, which spawns an express app listening to the port 8095 and performs the tests.\n\nYou will need the following dev dependencies\n```json\n{\n    \"devDependencies\": {\n        \"assert\": \"^1.4.1\",\n        \"express\": \"^4.16.3\",\n        \"mocha\": \"^5.0.5\",\n        \"request\": \"^2.85.0\",\n        \"request-promise\": \"^4.2.2\"\n    }\n}\n```\nRun with\n```bash\nnpm test\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftchar%2Fxml-express-middleware","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftchar%2Fxml-express-middleware","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftchar%2Fxml-express-middleware/lists"}