npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

braintree-web

v3.143.0

Published

A suite of tools for integrating Braintree in the browser

Readme

braintree-web

A suite of tools for integrating Braintree in the browser.

This is the repo to submit issues if you have any problems or questions about a Braintree JavaScript integration.

For a ready-made payment UI, see Braintree Web Drop-in.

Install

npm install braintree-web

Usage

For more thorough documentation, visit the JavaScript client SDK docs.

If you are upgrading from version 2.x, take a look at our migration guide. For migrations related to removed components (e.g., the deprecated PayPal component), see MIGRATION.md.

Hosted Fields integration

<form action="/" id="my-sample-form">
  <input type="hidden" name="payment_method_nonce" />
  <label for="card-number">Card Number</label>
  <div id="card-number"></div>

  <label for="cvv">CVV</label>
  <div id="cvv"></div>

  <label for="expiration-date">Expiration Date</label>
  <div id="expiration-date"></div>

  <input id="my-submit" type="submit" value="Pay" disabled />
</form>
var submitBtn = document.getElementById("my-submit");
var form = document.getElementById("my-sample-form");

braintree.client.create(
  {
    authorization: CLIENT_AUTHORIZATION,
  },
  clientDidCreate
);

function clientDidCreate(err, client) {
  braintree.hostedFields.create(
    {
      client: client,
      styles: {
        input: {
          "font-size": "16pt",
          color: "#3A3A3A",
        },

        ".number": {
          "font-family": "monospace",
        },

        ".valid": {
          color: "green",
        },
      },
      fields: {
        number: {
          selector: "#card-number",
        },
        cvv: {
          selector: "#cvv",
        },
        expirationDate: {
          selector: "#expiration-date",
        },
      },
    },
    hostedFieldsDidCreate
  );
}

function hostedFieldsDidCreate(err, hostedFields) {
  submitBtn.addEventListener("click", submitHandler.bind(null, hostedFields));
  submitBtn.removeAttribute("disabled");
}

function submitHandler(hostedFields, event) {
  event.preventDefault();
  submitBtn.setAttribute("disabled", "disabled");

  hostedFields.tokenize(function (err, payload) {
    if (err) {
      submitBtn.removeAttribute("disabled");
      console.error(err);
    } else {
      form["payment_method_nonce"].value = payload.nonce;
      form.submit();
    }
  });
}

Advanced integration

To be eligible for the easiest level of PCI compliance (SAQ A), payment fields cannot be hosted on your checkout page. For an alternative to the following, use Hosted Fields.

braintree.client.create(
  {
    authorization: CLIENT_AUTHORIZATION,
  },
  function (err, client) {
    client.request(
      {
        endpoint: "payment_methods/credit_cards",
        method: "post",
        data: {
          creditCard: {
            number: "4111111111111111",
            expirationDate: "10/20",
            cvv: "123",
            billingAddress: {
              postalCode: "12345",
            },
          },
        },
      },
      function (err, response) {
        // Send response.creditCards[0].nonce to your server
      }
    );
  }
);

For more examples, see the reference.

Promises

All the asynchronous methods will return a Promise if no callback is provided.

var submitBtn = document.getElementById("my-submit");
var yourStylesConfig = {
  /* your Hosted Fields `styles` config */
};
var yourFieldsConfig = {
  /* your Hosted Hields `fields` config */
};

braintree.client
  .create({ authorization: CLIENT_AUTHORIZATION })
  .then(function (client) {
    return braintree.hostedFields.create({
      client: client,
      styles: yourStylesConfig,
      fields: yourFieldsConfig,
    });
  })
  .then(function (hostedFields) {
    submitBtn.addEventListener("click", function (event) {
      event.preventDefault();
      submitBtn.setAttribute("disabled", "disabled");

      hostedFields
        .tokenize()
        .then(function (payload) {
          // send payload.nonce to your server
        })
        .catch(function (err) {
          submitBtn.removeAttribute("disabled");
          console.error(err);
        });
    });
  });

Storybook

Storybook is used for isolated component demonstration and integration testing.

Setup

Retrieve your sandbox tokenization key from your Braintree sandbox account and add it to .env.

For full functionality, add at least the following to your .env file:

BRAINTREE_JS_ENV=development
STORYBOOK_BRAINTREE_TOKENIZATION_KEY="your-sandbox-tokenization-key"

The BRAINTREE_JS_ENV=development setting is required for:

  • Using local assets in Storybook instead of CDN files
  • Making hosted-fields iframe URLs load from local resources
  • Running integration tests with local builds

Ensure the sandbox account used for testing is fully configured to use any payment methods that will be tested. For full testing capabilities, follow the steps in Integration Tests.

Development server

To run the Storybook development server

npm run storybook:dev

Local build testing

To test local development builds in Storybook instead of published CDN versions:

npm run build
npm run storybook:dev-local

This will:

  1. Copy your local build files to Storybook's static directory
  2. Start Storybook with "Assets from local build" available in the version selector
  3. Allow testing of local changes before they're published to CDN

The version selector dropdown will show "Assets from local build" when local builds are available. Select this option to load scripts from your local dist/ directory instead of the CDN.

Static build

To run the Storybook static build on a local secure server(required for Apple Pay flow to initialize)

First create a private key and certificate in the root directory of the repo

openssl req -newkey rsa:2048 -new -nodes -x509 -days 3650 -keyout key.pem -out cert.pem -subj "/CN=127.0.0.1"

Build the Storybook static files

npm run storybook:build

Start the secure server

npm run storybook:run-build

Unit Tests (with Jest)

Unit tests can be run to test the functionality of each individual component. These tests can be run with:

npm run test

Integration Tests

Playwright drives the suite on local Chromium.

Credentials

From your Braintree sandbox account, find your merchant ID, public key, private key, and tokenization key.

To test PPCPv6 functionality, you will need to follow the steps to link your Braintree Sandbox and Paypal developer account. From your Paypal developer account, you will need the email and password.

Setup

Follow the setup instructions to create your .env file, update the file to include these credentials:

BRAINTREE_JS_ENV=development
STORYBOOK_BRAINTREE_MERCHANT_ID=merchant_id
STORYBOOK_BRAINTREE_PUBLIC_KEY=public_key
STORYBOOK_BRAINTREE_PRIVATE_KEY=private_key
STORYBOOK_BRAINTREE_TOKENIZATION_KEY=tokenization_key
PAYPAL_SANDBOX_BUYER_EMAIL=paypal_sandbox_email
PAYPAL_SANDBOX_BUYER_PASSWORD=paypal_sandbox_password

To run the Apple Pay tests, generate SSL certificates for the local HTTPS server:

 .storybook/scripts/generate-test-certs.sh

Running

npm run test:integration

This builds the SDK with coverage flags (keeps *-internal.js + source maps), copies it into Storybook, builds Storybook, then runs the Chromium Playwright suite.

Running specific tests

After one initial npm run test:integration (or npm run build:integration alone) to build assets, invoke Playwright directly for iteration:

npx playwright test --config=.storybook/tests/playwright.config.ts .storybook/tests/your-test-file.test.ts

To run only a specific test case within a file, temporarily add .only to the test:

test("should test something", async function () {
  // test code here
});

test.only("should test something", async function () {
  // test code here
});

Coverage (opt-in)

V8 → Istanbul coverage is collected only when PLAYWRIGHT_INTEGRATION_COVERAGE=true is set. Default npm run test:integration skips coverage so iteration stays fast.

PLAYWRIGHT_INTEGRATION_COVERAGE=true npm run test:integration

Reports land in coverage/integration/:

  • html/index.html — per-file line/branch/function coverage
  • lcov.info — machine-readable LCOV
  • coverage-summary.txt — console-friendly table
  • coverage-totals.txt — top-line percentages (consumed by the PR coverage comment)

Releases

Subscribe to this repo to be notified when SDK releases go out.

Versions

This SDK abides by our Client SDK Deprecation Policy. For more information on the potential statuses of an SDK check our developer docs.

| Major version number | Status | Released | Deprecated | Unsupported | | -------------------- | ----------- | ------------- | ------------- | ------------- | | 3.x.x | Active | August 2016 | TBA | TBA | | 2.x.x | Unsupported | November 2014 | February 2022 | February 2023 |

License

The Braintree JavaScript SDK is open source and available under the MIT license. See the LICENSE file for more info.

Troubleshooting

General Notes

  • If running your dev-local instance, remember you will likely need to rebuild your integration and restart your server. Run npm run build:integration again. A manual server restart via npm run storybook:dev-local may be necessary.
  • We have had some issues with authorization tokens being held in caches when trying to refresh, so remember to clear your browser caches.

Authentication credentials are invalid. Either the client token has expired and a new one should be generated or the tokenization key has been deactivated or deleted.

We have come across this error when trying to run ApplePay locally, when using a shared sandbox tokenization key. While we could generate new sandbox tokens, we were unsure of what login information or account is associated with the shared merchant token. Visiting this link generates a client token for that merchant, which can be used in place of STORYBOOK_BRAINTREE_TOKENIZATION_KEY instead, e.g.:

STORYBOOK_BRAINTREE_TOKENIZATION_KEY="eyJ2ZXJzaW9uIjoyLCJ..."

Note that the generated token is only valid for 24 hours.

HTTPS Test Server

Apple Pay and other HTTPS-only flows require local SSL certificates. Generate them with:

npm run generate-test-certs

This creates .storybook/certs/localhost.key and .storybook/certs/localhost.crt (self-signed, testing only).

To enable HTTPS for a specific test, pass useHttps: true via the testServer fixture options and set ignoreHTTPSErrors: true on the Playwright use block:

test.use({
  testServerOptions: { useHttps: true },
  ignoreHTTPSErrors: true,
});