npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

boundary-sdk

v2.0.0

Published

API Normalization SDK - A TypeScript-first SDK that enforces a single stable contract across all third-party API providers

Readme

Boundary

A TypeScript SDK that normalizes third-party API interactions through a unified request pipeline, enforcing consistent error handling, rate limiting, and response shapes across providers.

Problem Statement

Applications integrating multiple third-party APIs face inconsistent response formats, error structures, rate limit behaviors, and pagination strategies. This fragmentation requires provider-specific error handling, retry logic, and data transformation code that is difficult to maintain and test.

Boundary provides a single abstraction layer that normalizes these differences, allowing applications to interact with any provider through a consistent interface while maintaining type safety and resilience patterns.

Non-Goals

  • UI components or dashboards
  • API mocking or stubbing frameworks
  • Request recording or replay functionality
  • GraphQL support (v1)
  • Webhook handling (v1)
  • Multi-region routing
  • Built-in caching (applications can layer caching on top)

Installation

npm install boundary-sdk

Requirements

  • Node.js ≥18.0.0 (required for fetch, Headers, AbortController, crypto.randomUUID)

Usage

IMPORTANT: Boundary requires async initialization. Always use Boundary.create():

import { Boundary } from "boundary-sdk";

// ✅ CORRECT: Async initialization
const boundary = await Boundary.create({
  github: {
    auth: { token: process.env.GITHUB_TOKEN },
  },
  localUnsafe: true, // Required for local development without StateStorage
});

const { data, meta } = await boundary.github.get("/users/octocat");
console.log(meta.rateLimit.remaining);

❌ NEVER use new Boundary() - the constructor is private and will fail.

Production Deployment

For distributed deployments (serverless, multiple instances), you must provide a StateStorage implementation:

import { Boundary } from "boundary-sdk";
import { RedisStateStorage } from "./your-redis-storage.js";

const boundary = await Boundary.create({
  mode: "distributed",
  stateStorage: new RedisStateStorage(redisClient), // Required in distributed mode
  github: {
    auth: { token: process.env.GITHUB_TOKEN },
  },
});

Without stateStorage in distributed mode, startup will fail. This is intentional - in-memory state cannot be shared across instances.

Local Development

For local development, explicitly opt-in to unsafe in-memory state:

const boundary = await Boundary.create({
  mode: "local", // or omit mode
  localUnsafe: true, // Explicitly acknowledge unsafe state
  github: {
    auth: { token: process.env.GITHUB_TOKEN },
  },
});

Warning: localUnsafe: true means circuit breaker and rate limiter state will be lost on process restart. This is acceptable for development but must not be used in production.

Safety Guarantees

Boundary enforces safety by default:

  1. Fail-Fast Initialization: SDK cannot be used before initialization completes. All methods throw if called before Boundary.create() resolves.

  2. Fail-Closed State Management: Distributed mode requires StateStorage. In-memory state is opt-in only via localUnsafe: true.

  3. Guaranteed Secret Redaction: All observability paths (logs, errors, metrics) automatically redact sensitive fields: authorization, cookie, token, apiKey, api_key, body.

  4. No Silent Degradation: Runtime failures are explicit. Invalid configurations fail at startup. Adapter validation failures stop initialization.

Public API

Boundary Class

  • static create(config: BoundaryConfig, adapters?: Map<string, ProviderAdapter>): Promise<Boundary> - Use this to create instances
  • getCircuitStatus(provider: string): CircuitBreakerStatus | null
  • registerProvider(name: string, adapter: ProviderAdapter, config: ProviderConfig): Promise<void>

Provider Client

Each configured provider exposes a client with:

  • get<T>(endpoint: string, options?: RequestOptions): Promise<NormalizedResponse<T>>
  • post<T>(endpoint: string, options?: RequestOptions): Promise<NormalizedResponse<T>>
  • put<T>(endpoint: string, options?: RequestOptions): Promise<NormalizedResponse<T>>
  • patch<T>(endpoint: string, options?: RequestOptions): Promise<NormalizedResponse<T>>
  • delete<T>(endpoint: string, options?: RequestOptions): Promise<NormalizedResponse<T>>
  • paginate<T>(endpoint: string, options?: RequestOptions): AsyncGenerator<NormalizedResponse<T>>

Project Status

v2.0.0 - Production-ready safety contract established. Core functionality is stable. Provider coverage is expanding. API stability guaranteed for 2.x releases.

License

MIT. See LICENSE.md for details.