Package Health Score

42 / 100

security
Security review needed
popularity
Small
maintenance
Inactive
community
Limited

Explore Similar Packages

Security

Security review needed

All security vulnerabilities belong to production dependencies of direct and indirect packages.

Security and license risk for significant versions

Version				Vulnerabilities	License Risk
1.2.0	\|	01/2014	Popular	0 C 0 H 0 M 0 L	0 H 0 M 0 L
1.1.0	\|	01/2014		0 C 0 H 0 M 0 L	0 H 0 M 0 L
1.0.1	\|	01/2014		0 C 0 H 0 M 0 L	0 H 0 M 0 L

License

BSD-3-Clause

Security Policy

Is your project affected by vulnerabilities?

Scan your projects for vulnerabilities. Fix quickly with automated fixes. Get started with Snyk for free.

Get started free

Popularity

Small

Weekly Downloads (3,074)

GitHub Stars: 48
Forks: 48
Contributors: 5

Direct Usage Popularity

The npm package global-tunnel receives a total of 3,074 downloads a week. As such, we scored global-tunnel popularity level to be Small.

Based on project statistics from the GitHub repository for the npm package global-tunnel, we found that it has been starred 48 times.

Downloads are calculated as moving averages for a period of the last 12 months, excluding weekends and known missing data points.

Community

Limited

Readme.md: Yes
Contributing.md: No
Code of Conduct: Yes
Contributors: 5
Funding: No

This project has seen only 10 or less contributors.

Embed Package Health Score Badge

Maintenance

Inactive

archived

Commit Frequency

No Recent Commits

Open Issues: 11
Open PR: 4
Last Release: 10 years ago
Last Commit: 2 years ago

Further analysis of the maintenance status of global-tunnel based on released npm versions cadence, the repository activity, and other data points determined that its maintenance is Inactive.

An important project maintenance signal to consider for global-tunnel is that it hasn't seen any new versions released to npm in the past 12 months, and could be considered as a discontinued project, or that which receives low attention from its maintainers.

In the past month we didn't find any pull request activity or change in issues status has been detected for the GitHub repository.

Keep your project healthy

Check your package.json

Ensure all the packages you're using are healthy and well-maintained

Snyk Vulnerability Scanner

Get health score & security insights directly in your IDE

Package

Node.js Compatibility: 0.1

Age: 10 years
Dependencies: 2 Direct
Versions: 4
Install Size: 0 B
Dist-tags: 1
# of Files: 0
Maintainers: 3
TS Typings: Yes

global-tunnel has more than a single and default latest tag published for the npm package. This means, there may be other tags available for this package, such as next to indicate future releases, or stable to indicate stable releases.

Readme

global-tunnel

Configures the global http and https agents to use an upstream HTTP proxy.

Works transparently to tunnel modules that use node's default http.request() method as well as the popular request module.

Usage

To make all HTTP and HTTPS connections go through an outbound HTTP proxy:

var globalTunnel = require('global-tunnel');

globalTunnel.initialize({
  host: '10.0.0.10',
  port: 8080,
  sockets: 50 // optional pool size for each http and https
});

This will use the CONNECT method for HTTPS requests and absolute-URIs for HTTP requests, which is how many network proxies are configured.

Optionally, to tear-down the global agent and restore node's default global agents:

globalTunnel.end();

Any active connections will be allowed to run to completion, but new connections will use the default global agents.

Advanced Usage

Options

The complete list of options to globalTunnel.initialize:

host - the hostname or IP of the HTTP proxy to use
port - the TCP port to use on that proxy
tunnel (optional) controls what protocols use the CONNECT method. It has three possible values (strings):
- neither - don't use CONNECT; just use absolute URIs
- https - (the default) only use CONNECT for HTTPS requests
- both - use CONNECT for both HTTP and HTTPS requests
protocol - the protocol that the proxy speaks, either https: or https:.
sockets - (optional) maximum number of TCP sockets to use in each pool. There are two pools: one for HTTP and one for HTTPS. Uses node's default (5) if falsy.

Variations

Here's a few interesting variations on the basic config.

Absolute URI Proxies

Another common proxy configuration is one that expects clients to use an absolute URI for the Request-URI for all HTTP and HTTPS requests. This is common for networks that use a proxy for security scanning and access control.

What does this mean? It means that instead of ...

GET / HTTP/1.1
Host: example.com

... your proxy expects ...

GET https://example.com/ HTTP/1.1

You'll need to specify tunnel: 'neither' if this is the case. If the proxy speaks HTTP (i.e. the connection from node --> proxy is not encrypted):

globalTunnel.initialize({
  tunnel: 'neither',
  host: '10.0.0.10',
  port: 3128
});

or, if the proxy speaks HTTPS to your app instead:

globalTunnel.initialize({
  tunnel: 'neither',
  protocol: 'https:'
  host: '10.0.0.10',
  port: 3129
});

Always-CONNECT Proxies

If the proxy expects you to use the CONNECT method for both HTTP and HTTPS requests, you'll need the tunnel: 'both' option.

What does this mean? It means that instead of ...

GET https://example.com/ HTTP/1.1

... your proxy expects ...

CONNECT example.com:443 HTTP/1.1

Be sure to set the protocol: option based on what protocol the proxy speaks.

globalTunnel.initialize({
  tunnel: 'both',
  host: '10.0.0.10',
  port: 3130
});

HTTPS configuration

EXPERIMENTAL

If tunnelling both protocols, you can use different HTTPS client configurations for the two phases of the connection.

globalTunnel.initialize({
  tunnel: 'both',
  protocol: 'https:'
  host: '10.0.0.10',
  port: 3130,
  proxyHttpsConfig: {
    // use this config for app -> proxy
  },
  originHttpsConfig: {
    // use this config for proxy -> origin
  }
});

Auto-Config

The http_proxy environment variable will be used if the first parameter to globalTunnel.initialize is null or an empty object.

process.env.http_proxy = 'https://10.0.0.1:3129';
globalTunnel.initialize();

Compatibility

Any module that doesn't specify an explicit agent: option to http.request will also work with global-tunnel.

The unit tests for this module verify that the popular request module works with global-tunnel active.

For untested modules, it's recommended that you load and initialize global-tunnel first. This way, any copies of http.globalAgent will point to the right thing.

Contributing

If you'd like to contribute to or modify global-tunnel, here's a quick guide to get you started.

Development Dependencies

node.js >= 0.10

Set-Up

Download via GitHub and install npm dependencies:

git clone git@github.com:goinstant/global-tunnel.git
cd global-tunnel
npm install

Testing

Testing is with the mocha framework. Tests are located in the test/ directory.

To run the tests:

npm test

Support

Email GoInstant Support or stop by #goinstant on freenode.

For responsible disclosures, email GoInstant Security.

To file a bug or propose a patch, please use github directly.

Legal

Licensed under the BSD 3-clause license.

global-tunnel dependencies

lodash tunnel

global-tunnel development dependencies

mocha goinstant-assert request sinon

FAQs

What is global-tunnel?

Global HTTP & HTTPS tunneling. Visit Snyk Advisor to see a full health score report for global-tunnel, including popularity, security, maintenance & community analysis.

Is global-tunnel popular?

The npm package global-tunnel receives a total of 3,074 weekly downloads. As such, global-tunnel popularity was classified as small. Visit the popularity section on Snyk Advisor to see the full health analysis.

Is global-tunnel well maintained?

We found indications that global-tunnel is an Inactive project. See the full package health analysis to learn more about the package maintenance status.

Is global-tunnel safe to use?

While scanning the latest version of global-tunnel, we found that a security review is needed. A total of 0 vulnerabilities or license issues were detected. See the full security scan results.

Last updated on 19 April-2024, at 04:35 (UTC).

Build a secure application checklist

Select a recommended open source package

Minimize your risk by selecting secure & well maintained open source packages

DONE

Scan your app for vulnerabilities

Scan your application to find vulnerabilities in your: source code, open source dependencies, containers and configuration files

SCAN NOW

Fix identified vulnerabilities

Easily fix your code by leveraging automatically generated PRs

AUTO FIX

Monitor for new issues

New vulnerabilities are discovered every day. Get notified if your application is affected

MONITOR APP