Package Health Score

94 / 100

security
No known security issues
popularity
Influential project
maintenance
Healthy
community
Active

Explore Similar Packages

Security

No known security issues

All security vulnerabilities belong to production dependencies of direct and indirect packages.

Security and license risk for significant versions

Version				Vulnerabilities	License Risk
5.0.4	\|	04/2024		0 C 0 H 0 M 0 L	0 H 0 M 0 L
4.23.0	\|	02/2024		0 C 0 H 0 M 0 L	0 H 0 M 0 L
3.84.1	\|	01/2023	Popular	0 C 0 H 0 M 0 L	0 H 0 M 0 L
2.11.1	\|	11/2016		0 C 0 H 0 M 0 L	0 H 0 M 0 L
2.10.0	\|	09/2016		0 C 0 H 0 M 0 L	0 H 0 M 0 L

License

MIT

Security Policy

Is your project affected by vulnerabilities?

Scan your projects for vulnerabilities. Fix quickly with automated fixes. Get started with Snyk for free.

Get started free

Popularity

Influential project

Weekly Downloads (1,174,925)

GitHub Stars: 1.35K
Forks: 487
Contributors: 120

Direct Usage Popularity

The npm package twilio receives a total of 1,174,925 downloads a week. As such, we scored twilio popularity level to be Influential project.

Based on project statistics from the GitHub repository for the npm package twilio, we found that it has been starred 1,348 times.

Downloads are calculated as moving averages for a period of the last 12 months, excluding weekends and known missing data points.

Community

Active

Readme.md: Yes
Contributing.md: Yes
Code of Conduct: Yes
Contributors: 120
Funding: No

A good and healthy external contribution signal for twilio project, which invites more than one hundred open source maintainers to collaborate on the repository.

Embed Package Health Score Badge

Maintenance

Healthy

Commit Frequency

Open Issues: 33
Open PR: 0
Last Release: 16 hours ago
Last Commit: 16 hours ago

Further analysis of the maintenance status of twilio based on released npm versions cadence, the repository activity, and other data points determined that its maintenance is Healthy.

We found that twilio demonstrates a positive version release cadence with at least one new version released in the past 3 months.

As a healthy sign for on-going project maintenance, we found that the GitHub repository had at least 1 pull request or issue interacted with by the community.

Keep your project healthy

Check your package.json

Ensure all the packages you're using are healthy and well-maintained

Snyk Vulnerability Scanner

Get health score & security insights directly in your IDE

Package

Node.js Compatibility: >=14.0

Age: 13 years
Dependencies: 7 Direct
Versions: 298
Install Size: 9.86 MB
Dist-tags: 4
# of Files: 1.23K
Maintainers: 1
TS Typings: Yes

twilio has more than a single and default latest tag published for the npm package. This means, there may be other tags available for this package, such as next to indicate future releases, or stable to indicate stable releases.

Not sure how to use twilio?

To help you get started, we've collected the most common ways that twilio is being used within popular public projects.

twilio / twilio-video.js / test / lib / token.js View on Github

apiKeySid,
    apiKeySecret,
    { ttl });

  accessToken.identity = identity;

  let grant = options.grant;
  switch (grant) {
    case 'conversations':
      grant = new AccessToken.ConversationsGrant({
        identity,
        configurationProfileSid
      });
      break;
    case 'video':
      grant = new AccessToken.VideoGrant({
        identity
      });
      break;
    default:
      // Do nothing.
  }

  if (grant) {
    accessToken.addGrant(grant);
  }

  return accessToken.toJwt('HS256');
}

View more ways to use twilio

twilio-node

Documentation

The documentation for the Twilio API can be found here.

The Node library documentation can be found here.

Versions

twilio-node uses a modified version of Semantic Versioning for all changes. See this document for details.

Supported Node.js Versions

This library supports the following Node.js implementations:

Node.js 14
Node.js 16
Node.js 18
Node.js LTS (20)

TypeScript is supported for TypeScript version 2.9 and above.

Warning Do not use this Node.js library in a front-end application. Doing so can expose your Twilio credentials to end-users as part of the bundled HTML/JavaScript sent to their browser.

Installation

npm install twilio or yarn add twilio

Test your installation

To make sure the installation was successful, try sending yourself an SMS message, like this:

// Your AccountSID and Auth Token from console.twilio.com
const accountSid = 'ACXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX';
const authToken = 'your_auth_token';

const client = require('twilio')(accountSid, authToken);

client.messages
  .create({
    body: 'Hello from twilio-node',
    to: '+12345678901', // Text your number
    from: '+12345678901', // From a valid Twilio number
  })
  .then((message) => console.log(message.sid));

After a brief delay, you will receive the text message on your phone.

Warning It's okay to hardcode your credentials when testing locally, but you should use environment variables to keep them secret before committing any code or deploying to production. Check out How to Set Environment Variables for more information.

Usage

Check out these code examples in JavaScript and TypeScript to get up and running quickly.

Environment Variables

twilio-node supports credential storage in environment variables. If no credentials are provided when instantiating the Twilio client (e.g., const client = require('twilio')();), the values in following env vars will be used: TWILIO_ACCOUNT_SID and TWILIO_AUTH_TOKEN.

If your environment requires SSL decryption, you can set the path to CA bundle in the env var TWILIO_CA_BUNDLE.

Client Initialization

If you invoke any V2010 operations without specifying an account SID, twilio-node will automatically use the TWILIO_ACCOUNT_SID value that the client was initialized with. This is useful for when you'd like to, for example, fetch resources for your main account but also your subaccount. See below:

// Your Account SID, Subaccount SID Auth Token from console.twilio.com
const accountSid = process.env.TWILIO_ACCOUNT_SID;
const authToken = process.env.TWILIO_AUTH_TOKEN;
const subaccountSid = process.env.TWILIO_ACCOUNT_SUBACCOUNT_SID;

const client = require('twilio')(accountSid, authToken);
const mainAccountCalls = client.api.v2010.account.calls.list; // SID not specified, so defaults to accountSid
const subaccountCalls = client.api.v2010.account(subaccountSid).calls.list; // SID specified as subaccountSid

Lazy Loading

twilio-node supports lazy loading required modules for faster loading time. Lazy loading is enabled by default. To disable lazy loading, simply instantiate the Twilio client with the lazyLoading flag set to false:

// Your Account SID and Auth Token from console.twilio.com
const accountSid = process.env.TWILIO_ACCOUNT_SID;
const authToken = process.env.TWILIO_AUTH_TOKEN;

const client = require('twilio')(accountSid, authToken, {
  lazyLoading: false,
});

Enable Auto-Retry with Exponential Backoff

twilio-node supports automatic retry with exponential backoff when API requests receive an Error 429 response. This retry with exponential backoff feature is disabled by default. To enable this feature, instantiate the Twilio client with the autoRetry flag set to true.

Optionally, the maximum number of retries performed by this feature can be set with the maxRetries flag. The default maximum number of retries is 3.

const accountSid = process.env.TWILIO_ACCOUNT_SID;
const authToken = process.env.TWILIO_AUTH_TOKEN;

const client = require('twilio')(accountSid, authToken, {
  autoRetry: true,
  maxRetries: 3,
});

Specify Region and/or Edge

To take advantage of Twilio's Global Infrastructure, specify the target Region and/or Edge for the client:

const accountSid = process.env.TWILIO_ACCOUNT_SID;
const authToken = process.env.TWILIO_AUTH_TOKEN;

const client = require('twilio')(accountSid, authToken, {
  region: 'au1',
  edge: 'sydney',
});

Alternatively, specify the edge and/or region after constructing the Twilio client:

const client = require('twilio')(accountSid, authToken);
client.region = 'au1';
client.edge = 'sydney';

This will result in the hostname transforming from api.twilio.com to api.sydney.au1.twilio.com.

Iterate through records

The library automatically handles paging for you. Collections, such as calls and messages, have list and each methods that page under the hood. With both list and each, you can specify the number of records you want to receive (limit) and the maximum size you want each page fetch to be (pageSize). The library will then handle the task for you.

list eagerly fetches all records and returns them as a list, whereas each streams records and lazily retrieves pages of records as you iterate over the collection. You can also page manually using the page method.

For more information about these methods, view the auto-generated library docs.

// Your Account SID and Auth Token from console.twilio.com
const accountSid = 'ACXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX';
const authToken = 'your_auth_token';
const client = require('twilio')(accountSid, authToken);

client.calls.each((call) => console.log(call.direction));

Enable Debug Logging

There are two ways to enable debug logging in the default HTTP client. You can create an environment variable called TWILIO_LOG_LEVEL and set it to debug or you can set the logLevel variable on the client as debug:

const accountSid = process.env.TWILIO_ACCOUNT_SID;
const authToken = process.env.TWILIO_AUTH_TOKEN;

const client = require('twilio')(accountSid, authToken, {
  logLevel: 'debug',
});

You can also set the logLevel variable on the client after constructing the Twilio client:

const client = require('twilio')(accountSid, authToken);
client.logLevel = 'debug';

Debug API requests

To assist with debugging, the library allows you to access the underlying request and response objects. This capability is built into the default HTTP client that ships with the library.

For example, you can retrieve the status code of the last response like so:

const accountSid = 'ACXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX';
const authToken = 'your_auth_token';

const client = require('twilio')(accountSid, authToken);

client.messages
  .create({
    to: '+14158675309',
    from: '+14258675310',
    body: 'Ahoy!',
  })
  .then(() => {
    // Access details about the last request
    console.log(client.lastRequest.method);
    console.log(client.lastRequest.url);
    console.log(client.lastRequest.auth);
    console.log(client.lastRequest.params);
    console.log(client.lastRequest.headers);
    console.log(client.lastRequest.data);

    // Access details about the last response
    console.log(client.httpClient.lastResponse.statusCode);
    console.log(client.httpClient.lastResponse.body);
  });

Handle exceptions

If the Twilio API returns a 400 or a 500 level HTTP response, twilio-node will throw an error including relevant information, which you can then catch:

client.messages
  .create({
    body: 'Hello from Node',
    to: '+12345678901',
    from: '+12345678901',
  })
  .then((message) => console.log(message))
  .catch((error) => {
    // You can implement your fallback code here
    console.log(error);
  });

or with async/await:

try {
  const message = await client.messages.create({
    body: 'Hello from Node',
    to: '+12345678901',
    from: '+12345678901',
  });
  console.log(message);
} catch (error) {
  // You can implement your fallback code here
  console.error(error);
}

If you are using callbacks, error information will be included in the error parameter of the callback.

400-level errors are normal during API operation ("Invalid number", "Cannot deliver SMS to that number", for example) and should be handled appropriately.

Use a custom HTTP Client

To use a custom HTTP client with this helper library, please see the advanced example of how to do so.

Use webhook validation

See example for a code sample for incoming Twilio request validation.

Docker image

The Dockerfile present in this repository and its respective twilio/twilio-node Docker image are currently used by Twilio for testing purposes only.

Getting help

If you need help installing or using the library, please check the Twilio Support Help Center first, and file a support ticket if you don't find an answer to your question.

If you've instead found a bug in the library or would like new features added, go ahead and open issues or pull requests against this repo!

Contributing

Bug fixes, docs, and library improvements are always welcome. Please refer to our Contributing Guide for detailed information on how you can contribute.

⚠️ Please be aware that a large share of the files are auto-generated by our backend tool. You are welcome to suggest changes and submit PRs illustrating the changes. However, we'll have to make the changes in the underlying tool. You can find more info about this in the Contributing Guide.

If you're not familiar with the GitHub pull request/contribution process, this is a nice tutorial.

Get started

If you want to familiarize yourself with the project, you can start by forking the repository and cloning it in your local development environment. The project requires Node.js to be installed on your machine.

After cloning the repository, install the dependencies by running the following command in the directory of your cloned repository:

npm install

You can run the existing tests to see if everything is okay by executing:

npm test

To run just one specific test file instead of the whole suite, provide a JavaScript regular expression that will match your spec file's name, like:

npm run test:javascript -- -m .\*client.\*

twilio dependencies

axios dayjs https-proxy-agent jsonwebtoken qs scmp xmlbuilder

twilio development dependencies

@babel/preset-env @babel/preset-typescript @types/jest @types/jsonwebtoken @types/node @types/qs babel-plugin-replace-ts-export-assignment eslint express jest jshint mock-fs nock node-mocks-http prettier ts-jest typescript typedoc

FAQs

What is twilio?

A Twilio helper library. Visit Snyk Advisor to see a full health score report for twilio, including popularity, security, maintenance & community analysis.

Is twilio popular?

The npm package twilio receives a total of 1,174,925 weekly downloads. As such, twilio popularity was classified as an influential project. Visit the popularity section on Snyk Advisor to see the full health analysis.

Is twilio well maintained?

We found that twilio demonstrated a healthy version release cadence and project activity. It has a community of 120 open source contributors collaborating on the project. See the full package health analysis to learn more about the package maintenance status.

Is twilio safe to use?

The npm package twilio was scanned for known vulnerabilities and missing license, and no issues were found. Thus the package was deemed as safe to use. See the full health analysis review.

Last updated on 18 April-2024, at 16:32 (UTC).

Build a secure application checklist

Select a recommended open source package

Minimize your risk by selecting secure & well maintained open source packages

DONE

Scan your app for vulnerabilities

Scan your application to find vulnerabilities in your: source code, open source dependencies, containers and configuration files

SCAN NOW

Fix identified vulnerabilities

Easily fix your code by leveraging automatically generated PRs

AUTO FIX

Monitor for new issues

New vulnerabilities are discovered every day. Get notified if your application is affected

MONITOR APP