npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@bleed-believer/ssrs

v0.0.0

Published

Render reports from SQL Server Reporting Services (SSRS) using NTLM or Basic authentication. Zero runtime dependencies.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

sleep-writtensleep-written

Keywords

ssrsntlmntlmv2reportreporting-servicessql-serverurl-access

Readme

@bleed-believer/ssrs

A TypeScript library for rendering reports from SQL Server Reporting Services (SSRS) using NTLM or Basic authentication. Zero runtime dependencies.

Installation

npm install @bleed-believer/ssrs

Usage

import { NTLMProtocol, SSRS } from '@bleed-believer/ssrs';
import { writeFile } from 'node:fs/promises';

const ntlm = new NTLMProtocol({
    username: 'administrator',
    password: 'your-password'
});

const ssrs = new SSRS('http://your-server/ReportServer', ntlm);
const file = await ssrs.renderReport('/Reports/MyReport', 'PDF', {
    startDate: new Date(2026, 0, 1),
    endDate:   new Date(2026, 0, 31)
});

await writeFile('./report.pdf', file.data);

Parallel rendering

Every renderReport call is fully independent: each one opens its own dedicated connection, performs its own NTLM handshake, and closes the connection when the response arrives. Nothing is shared between calls and no sockets are left open, so you can safely render multiple reports in parallel with a single instance:

await Promise.all([
    ssrs.renderReport('/Reports/Sales',   'EXCELOPENXML', { year: 2026 })
        .then(({ data }) => writeFile('./sales.xlsx', data)),
    ssrs.renderReport('/Reports/Summary', 'PDF', { year: 2026 })
        .then(({ data }) => writeFile('./summary.pdf', data)),
]);

API

NTLMProtocol

Handles NTLM (NTLMv2) authentication against the SSRS server. The instance only holds the credentials; each request creates and disposes its own connection.

const ntlm = new NTLMProtocol({
    username:    string,   // required
    password:    string,   // required
    domain?:     string,
    workstation?: string
});

ntlm.fetch(input, init?)

A fetch-like method that transparently performs the NTLM handshake and returns a standard Response. Supports method, headers and body (as string, Buffer, TypedArray, ArrayBuffer or URLSearchParams) from RequestInit. Redirects are not followed.

const resp = await ntlm.fetch('http://your-server/ReportServer?%2FReports%2FMyReport&rs:Format=PDF');

BasicProtocol

HTTP Basic authentication, for servers configured with RSWindowsBasic. Same fetch-like contract and the same connection model as NTLMProtocol (one ephemeral connection per request, closed when the response arrives), but with a single request instead of a handshake. Use it only over HTTPS — Basic sends the credentials with every request, merely base64-encoded.

import { BasicProtocol, SSRS } from '@bleed-believer/ssrs';

const basic = new BasicProtocol({
    username: 'administrator',
    password: 'your-password'
});

const ssrs = new SSRS('https://your-server/ReportServer', basic);

SSRS

Main class for interacting with the report server.

const ssrs = new SSRS(baseUrl: string | URL, protocol: SSRSProtocol);

The second argument accepts anything implementing SSRSProtocol ({ fetch(input, init?): Promise<Response> }), so you can plug in a custom transport instead of NTLMProtocol if your server uses another auth scheme.

ssrs.renderReport(path, format, params?)

Renders a report and returns a SSRSReport object.

| Parameter | Type | Description | |-----------|------|-------------| | path | string | Report path on the server (e.g. '/Reports/MyReport') | | format | SSRSFormat | Output format (see below) | | params | SSRSReportParams | Optional report parameters |

SSRSReportParams is Record<string, SSRSReportParamValue | SSRSReportParamValue[] | null>, where SSRSReportParamValue is string | number | boolean | Date. Each parameter accepts a single value, an array of values for multi-value parameters (empty arrays are omitted), or null:

await ssrs.renderReport('/Reports/Sales', 'PDF', {
    region:    ['North', 'South', 'East'],   // multi-value
    startDate: new Date(2026, 0, 1),         // single value
    endDate:   null,                         // null parameter
    active:    true
});

A null value is translated to the SSRS URL Access null syntax (endDate:isnull=true in the example above). The report parameter must be defined as nullable (Allow null value) in the report, otherwise the server rejects the render. Multi-value arrays cannot contain null members because SSRS does not support them.

Returns Promise<SSRSReport>:

interface SSRSReport {
    mime: string;   // MIME type reported by the server (Content-Type header),
                    // falling back to the format's default when absent
    data: Buffer;   // File contents
}

SSRSError

Every failed render throws a SSRSError (error.name === 'SSRSError'):

  • HTTP 401/403Authentication failed: the server returned HTTP <status>.
  • HTTP 3xxUnexpected HTTP <status> redirect to <location>.
  • Any other non-2xx → the human-readable message is extracted from the SSRS HTML error page; if the body is not an SSRS error page, the raw text is used.
import { SSRSError } from '@bleed-believer/ssrs';

try {
    await ssrs.renderReport('/Reports/Missing', 'PDF');
} catch (err) {
    if (err instanceof SSRSError) {
        console.error('SSRS rejected the render:', err.message);
    } else {
        throw err;
    }
}

SSRSFormat

Supported output formats and their fallback MIME types (used when the server does not send a Content-Type header):

| Value | MIME type | |-------|-----------| | 'PDF' | application/pdf | | 'EXCEL' | application/vnd.ms-excel | | 'EXCELOPENXML' | application/vnd.openxmlformats-officedocument.spreadsheetml.sheet | | 'WORD' | application/msword | | 'WORDOPENXML' | application/vnd.openxmlformats-officedocument.wordprocessingml.document | | 'PPTX' | application/vnd.openxmlformats-officedocument.presentationml.presentation | | 'CSV' | text/csv | | 'XML' | application/xml | | 'IMAGE' | image/tiff | | 'HTML4.0' | text/html | | 'HTML5' | text/html | | 'MHTML' | multipart/related | | 'ATOM' | application/atomsvc+xml | | 'RPL' | application/octet-stream | | 'NULL' | application/octet-stream |