npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@kosli/sdk

v0.4.0

Published

Developer-friendly & type-safe Typescript SDK specifically catered to leverage *@kosli/sdk* API.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

dangrondahldangrondahlalexk87alexk87jbrejnerjbrejner

Keywords

Readme

@kosli/sdk

Developer-friendly & type-safe Typescript SDK specifically catered to leverage @kosli/sdk API.

Built by Speakeasy License: MIT

[!CAUTION] Do not use in production. This SDK is an early work in progress, is unsupported, and may break or be removed without notice. Provided for evaluation only.

Summary

Kosli API: The API for communicating with Kosli

Authentication

When making requests against Kosli API, you can authenticate your requests using a bearer token. Set the bearer token in the request Authorization header to a valid API key. API Keys can be personal or for service accounts. Check the service accounts documentation for details.

Curl example

curl -H "Authorization: Bearer <<your-api-key>>" https://app.kosli.com/api/v2/environments/<<your-org-name>>

Table of Contents

SDK Installation

The SDK can be installed with either npm, pnpm, bun or yarn package managers.

NPM

npm add @kosli/sdk

PNPM

pnpm add @kosli/sdk

Bun

bun add @kosli/sdk

Yarn

yarn add @kosli/sdk

[!NOTE] This package is published as an ES Module (ESM) only. For applications using CommonJS, use await import("@kosli/sdk") to import and use this package.

Requirements

For supported JavaScript runtimes, please consult RUNTIMES.md.

SDK Example Usage

Example

import { Kosli } from "@kosli/sdk";

const kosli = new Kosli();

async function run() {
  const result = await kosli.actions.list({
    httpBearer: process.env["KOSLI_HTTP_BEARER"] ?? "",
  }, {
    org: "<value>",
  });

  console.log(result);
}

run();

Authentication

Per-Client Security Schemes

This SDK supports the following security scheme globally:

| Name | Type | Scheme | Environment Variable | | ------------ | ---- | ----------- | -------------------- | | httpBearer | http | HTTP Bearer | KOSLI_HTTP_BEARER |

To authenticate with the API the httpBearer parameter must be set when initializing the SDK client instance. For example:

import { Kosli } from "@kosli/sdk";

const kosli = new Kosli({
  httpBearer: process.env["KOSLI_HTTP_BEARER"] ?? "",
});

async function run() {
  const result = await kosli.schemas.getEnvironmentPolicyV1();

  console.log(result);
}

run();

Per-Operation Security Schemes

Some operations in this SDK require the security scheme to be specified at the request level. For example:

import { Kosli } from "@kosli/sdk";

const kosli = new Kosli();

async function run() {
  const result = await kosli.actions.list({}, {
    org: "<value>",
  });

  console.log(result);
}

run();

Available Resources and Operations

Actions

Allowlists

Approval

  • get - Get approval

Approvals

Artifacts

Asserts

Attestation

Attestations

Builds

CustomAttestationTypes

  • list - List custom attestation types
  • createOrUpdate - Create or update custom attestation type
  • get - Get custom attestation type
  • archive - Archive custom attestation type

Deployments

  • list - List Deployments
  • get - Get Deployment

EnvDiff

Environments

Flows

Organizations

Policies

  • list - List policies
  • put - Create or update policy
  • get - Get policy

Repos

Schemas

Search

  • getBySha - Search artifacts by SHA or fingerprint

ServiceAccounts

Snapshots

  • list - List snapshots
  • get - Get snapshot

Tags

Trails

User

Standalone functions

All the methods listed above are available as standalone functions. These functions are ideal for use in applications running in the browser, serverless runtimes or other environments where application bundle size is a primary concern. When using a bundler to build your application, all unused functionality will be either excluded from the final bundle or tree-shaken away.

To read more about standalone functions, check FUNCTIONS.md.

Pagination

Some of the endpoints in this SDK support pagination. To use pagination, you make your SDK calls as usual, but the returned response object will also be an async iterable that can be consumed using the for await...of syntax.

Here's an example of one such pagination call:

import { Kosli } from "@kosli/sdk";

const kosli = new Kosli();

async function run() {
  const result = await kosli.approvals.list({
    httpBearer: process.env["KOSLI_HTTP_BEARER"] ?? "",
  }, {
    flowName: "<value>",
    org: "<value>",
  });

  for await (const page of result) {
    console.log(page);
  }
}

run();

File uploads

Certain SDK methods accept files as part of a multi-part request. It is possible and typically recommended to upload files as a stream rather than reading the entire contents into memory. This avoids excessive memory consumption and potentially crashing with out-of-memory errors when working with very large files. The following example demonstrates how to attach a file stream to a request.

[!TIP]

Depending on your JavaScript runtime, there are convenient utilities that return a handle to a file without reading the entire contents into memory:

  • Node.js v20+: Since v20, Node.js comes with a native openAsBlob function in node:fs.
  • Bun: The native Bun.file function produces a file handle that can be used for streaming file uploads.
  • Browsers: All supported browsers return an instance to a File when reading the value from an <input type="file"> element.
  • Node.js v18: A file stream can be created using the fileFrom helper from fetch-blob/from.js.
import { Kosli } from "@kosli/sdk";

const kosli = new Kosli();

async function run() {
  const result = await kosli.attestations.attestCustom({
    httpBearer: process.env["KOSLI_HTTP_BEARER"] ?? "",
  }, {
    flowName: "<value>",
    trailName: "<value>",
    org: "<value>",
    body: {
      dataJson: {
        attestationName: "custom",
        gitCommitInfo: {
          sha1: "ae08fc6a5c963ae8dfaa0c27d8e5de9980d433b6",
          message: "adding glorious commit",
          author: "Jon Smith <[email protected]>",
          branch: "main",
          timestamp: 1750923680,
          url:
            "https://github.com/org/repo/commit/ae08fc6a5c963ae8dfaa0c27d8e5de9980d433b6",
        },
        userData: {},
        typeName: "custom_type",
        attestationData: "{\"key\":\"value\"}",
      },
    },
  });

  console.log(result);
}

run();

Retries

Some of the endpoints in this SDK support retries. If you use the SDK without any configuration, it will fall back to the default retry strategy provided by the API. However, the default retry strategy can be overridden on a per-operation basis, or across the entire SDK.

To change the default retry strategy for a single API call, simply provide a retryConfig object to the call:

import { Kosli } from "@kosli/sdk";

const kosli = new Kosli();

async function run() {
  const result = await kosli.actions.list({
    httpBearer: process.env["KOSLI_HTTP_BEARER"] ?? "",
  }, {
    org: "<value>",
  }, {
    retries: {
      strategy: "backoff",
      backoff: {
        initialInterval: 1,
        maxInterval: 50,
        exponent: 1.1,
        maxElapsedTime: 100,
      },
      retryConnectionErrors: false,
    },
  });

  console.log(result);
}

run();

If you'd like to override the default retry strategy for all operations that support retries, you can provide a retryConfig at SDK initialization:

import { Kosli } from "@kosli/sdk";

const kosli = new Kosli({
  retryConfig: {
    strategy: "backoff",
    backoff: {
      initialInterval: 1,
      maxInterval: 50,
      exponent: 1.1,
      maxElapsedTime: 100,
    },
    retryConnectionErrors: false,
  },
});

async function run() {
  const result = await kosli.actions.list({
    httpBearer: process.env["KOSLI_HTTP_BEARER"] ?? "",
  }, {
    org: "<value>",
  });

  console.log(result);
}

run();

Default retry policy: Unless overridden, this SDK retries on 5XX, 429, and 409 (lock conflict) responses and on connection errors, using an increasing backoff (1s initial interval, 10s max interval, ~30s total time budget).

Error Handling

KosliError is the base class for all HTTP error responses. It has the following properties:

| Property | Type | Description | | ------------------- | ---------- | --------------------------------------------------------------------------------------- | | error.message | string | Error message | | error.statusCode | number | HTTP response status code eg 404 | | error.headers | Headers | HTTP response headers | | error.body | string | HTTP body. Can be empty string if no body is returned. | | error.rawResponse | Response | Raw HTTP response | | error.data$ | | Optional. Some errors may contain structured data. See Error Classes. |

Example

import { Kosli } from "@kosli/sdk";
import * as errors from "@kosli/sdk/models/errors";

const kosli = new Kosli();

async function run() {
  try {
    const result = await kosli.actions.updateEnvironment({
      httpBearer: process.env["KOSLI_HTTP_BEARER"] ?? "",
    }, {
      org: "<value>",
      body: {
        name: "production-action",
        targets: [
          {
            "type": "EMAIL",
            "emails": [
              "[email protected]",
            ],
          },
        ],
        environments: [
          "<value 1>",
        ],
        triggers: [
          "ON_STARTED_ARTIFACT",
        ],
      },
    });

    console.log(result);
  } catch (error) {
    // The base class for HTTP error responses
    if (error instanceof errors.KosliError) {
      console.log(error.message);
      console.log(error.statusCode);
      console.log(error.body);
      console.log(error.headers);

      // Depending on the method different errors may be thrown
      if (
        error
          instanceof errors
            .FastapiAppErrorsValidationErrorResponseLocalsValidationErrorResponseModel14
      ) {
        console.log(error.data$.message); // string
        console.log(error.data$.errors); // { [k: string]: string }
      }
    }
  }
}

run();

Error Classes

Primary error:

  • KosliError: The base class for HTTP error responses.

Network errors:

Inherit from KosliError:

* Check the method documentation to see if the error is applicable.

Server Selection

Select Server by Index

You can override the default server globally by passing a server index to the serverIdx: number optional parameter when initializing the SDK client instance. The selected server will then be used as the default on the operations that use it. This table lists the indexes associated with the available servers:

| # | Server | Description | | --- | --------------------------------- | ----------- | | 0 | https://app.kosli.com/api/v2 | EU | | 1 | https://app.us.kosli.com/api/v2 | US |

Example

import { Kosli } from "@kosli/sdk";

const kosli = new Kosli({
  serverIdx: 0,
});

async function run() {
  const result = await kosli.actions.list({
    httpBearer: process.env["KOSLI_HTTP_BEARER"] ?? "",
  }, {
    org: "<value>",
  });

  console.log(result);
}

run();

Override Server URL Per-Client

The default server can also be overridden globally by passing a URL to the serverURL: string optional parameter when initializing the SDK client instance. For example:

import { Kosli } from "@kosli/sdk";

const kosli = new Kosli({
  serverURL: "https://app.us.kosli.com/api/v2",
});

async function run() {
  const result = await kosli.actions.list({
    httpBearer: process.env["KOSLI_HTTP_BEARER"] ?? "",
  }, {
    org: "<value>",
  });

  console.log(result);
}

run();

Custom HTTP Client

The TypeScript SDK makes API calls using an HTTPClient that wraps the native Fetch API. This client is a thin wrapper around fetch and provides the ability to attach hooks around the request lifecycle that can be used to modify the request or handle errors and response.

The HTTPClient constructor takes an optional fetcher argument that can be used to integrate a third-party HTTP client or when writing tests to mock out the HTTP client and feed in fixtures.

The following example shows how to:

  • route requests through a proxy server using undici's ProxyAgent
  • use the "beforeRequest" hook to add a custom header and a timeout to requests
  • use the "requestError" hook to log errors
import { Kosli } from "@kosli/sdk";
import { ProxyAgent } from "undici";
import { HTTPClient } from "@kosli/sdk/lib/http";

const dispatcher = new ProxyAgent("http://proxy.example.com:8080");

const httpClient = new HTTPClient({
  // 'fetcher' takes a function that has the same signature as native 'fetch'.
  fetcher: (input, init) =>
    // 'dispatcher' is specific to undici and not part of the standard Fetch API.
    fetch(input, { ...init, dispatcher } as RequestInit),
});

httpClient.addHook("beforeRequest", (request) => {
  const nextRequest = new Request(request, {
    signal: request.signal || AbortSignal.timeout(5000)
  });

  nextRequest.headers.set("x-custom-header", "custom value");

  return nextRequest;
});

httpClient.addHook("requestError", (error, request) => {
  console.group("Request Error");
  console.log("Reason:", `${error}`);
  console.log("Endpoint:", `${request.method} ${request.url}`);
  console.groupEnd();
});

const sdk = new Kosli({ httpClient: httpClient });

Debugging

You can setup your SDK to emit debug logs for SDK requests and responses.

You can pass a logger that matches console's interface as an SDK option.

[!WARNING] Beware that debug logging will reveal secrets, like API tokens in headers, in log messages printed to a console or files. It's recommended to use this feature only during local development and not in production.

import { Kosli } from "@kosli/sdk";

const sdk = new Kosli({ debugLogger: console });

You can also enable a default debug logger by setting an environment variable KOSLI_DEBUG to true.

Development

Maturity

This SDK is in beta, and there may be breaking changes between versions without a major version update. Therefore, we recommend pinning usage to a specific package version. This way, you can install the same version each time without breaking changes unless you are intentionally looking for the latest version.

Contributions

While we value open-source contributions to this SDK, this library is generated programmatically. Any manual changes added to internal files will be overwritten on the next generation. We look forward to hearing your feedback. Feel free to open a PR or an issue with a proof of concept and we'll do our best to include it in a future release.

SDK Created by Speakeasy