npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

czech-data-box

v0.2.0

Published

TypeScript-first Node.js client for Czech Data Boxes (ISDS).

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

martin.krivdamartin.krivda

Keywords

isdsczech-data-boxdatove-schrankysoaptypescriptnodejsnode-library

Readme

czech-data-box

Node.js npm version CI License GitHub stars GitHub Sponsors

TypeScript-first Node.js client for Czech Data Boxes (ISDS). The package wraps message sending, inbox polling, message download, delivery metadata, VoDZ large message operations, and document re-stamping/archive services.

Requirements

  • Development: Node.js 24.14.1, pnpm 10.33.0
  • Supported runtime: Node.js >=22.20.0 <25

The repository is managed with pnpm, strict TypeScript, Changesets, and GitHub Actions.

Bundled WSDL/XSD definitions are synced to the ISDS technical appendices from September/December 2025.

Installation

pnpm add czech-data-box

Consumers can use npm or yarn as well, but this repository itself is maintained with pnpm.

Quick Start

import ISDSBox, { DataBox } from 'czech-data-box';

const client = new ISDSBox().loginWithUsernameAndPassword(
  process.env.ISDS_LOGIN ?? '',
  process.env.ISDS_PASSWORD ?? '',
  false,
);

const ownerInfo = await client.getOwnerInfoFromLogin();
console.log(ownerInfo.ownerInfo);

const searchQuery = new DataBox().setDbId('abc123').setDbType('PO');
const searchResult = await client.findDataBox(searchQuery);
console.log(searchResult.dbResults);

Mailroom Polling

For a podatelna-style application, the recommended flow is:

  1. list received messages in a bounded time window
  2. download envelope and full content
  3. persist or enqueue the payload into your workflow system
  4. mark the message as downloaded only after the handoff succeeds
import ISDSBox from 'czech-data-box';

const client = new ISDSBox().loginWithUsernameAndPassword(
  process.env.ISDS_LOGIN ?? '',
  process.env.ISDS_PASSWORD ?? '',
  false,
);

const batch = await client.pollReceivedMessages({
  dmFromTime: new Date(Date.now() - 15 * 60 * 1000),
  dmToTime: new Date(),
  dmLimit: 50,
  includeEnvelope: true,
  includeMessage: true,
});

for (const item of batch.items) {
  const dmID = item.record.dmID;
  if (!dmID) {
    continue;
  }

  await workflow.enqueue({
    dmID,
    envelope: item.envelope,
    message: item.message,
    deliveryTime: item.record.dmDeliveryTime ?? null,
  });

  await client.markMessageAsDownloaded(dmID);
}

pollReceivedMessages() automatically switches to BigMessageDownload for VoDZ records detected in the inbox listing.

For a long-running worker, use watchReceivedMessages(...) with AbortSignal:

import ISDSBox from 'czech-data-box';

const controller = new AbortController();

const client = new ISDSBox().loginWithUsernameAndPassword(
  process.env.ISDS_LOGIN ?? '',
  process.env.ISDS_PASSWORD ?? '',
  false,
);

for await (const batch of client.watchReceivedMessages({
  intervalMs: 30_000,
  signal: controller.signal,
  includeEnvelope: true,
  includeMessage: true,
  notifications: {
    scope: 'ALL',
  },
})) {
  for (const item of batch.items) {
    const dmID = item.record.dmID;
    if (!dmID) {
      continue;
    }

    await workflow.enqueue({
      dmID,
      envelope: item.envelope,
      message: item.message,
    });

    await client.markMessageAsDownloaded(dmID);
  }
}

For a single blocking wait, use waitForNewMessages(...).

Note: according to the ISDS operational rules, GetListOfReceivedMessages is the operation with delivery semantics for inbox access. Design your polling job and audit trail around that behavior.

Sending Messages

import ISDSBox, { DataMessage } from 'czech-data-box';

const client = new ISDSBox().loginWithUsernameAndPassword(
  process.env.ISDS_LOGIN ?? '',
  process.env.ISDS_PASSWORD ?? '',
  false,
);

const message = new DataMessage({
  dbIDRecipient: 'abc123',
  dmAnnotation: 'Integration test',
  dmPersonalDelivery: true,
});

const result = await client.createMessage(message, [
  {
    dmFilePath: './document.pdf',
    dmMimeType: 'application/pdf',
    dmFileMetaType: 'main',
    dmFileDescr: 'document.pdf',
  },
]);

console.log(result.dmID);

The library also supports createMultipleMessage(...) for circular messages and createBigMessage(...) for VoDZ payloads built from uploaded attachments.

Message Operations

Inbox and download flow:

  • listReceivedMessages(...)
  • downloadMessageEnvelope(dmID)
  • downloadMessage(dmID)
  • downloadBigMessage(dmID)
  • markMessageAsDownloaded(dmID)
  • pollReceivedMessages(...)
  • waitForNewMessages(...)
  • watchReceivedMessages(...)

Sent and audit flow:

  • listSentMessages(...)
  • getSentMessageEnvelope(dmID)
  • verifyMessage(dmID)
  • getDeliveryInfo(dmID)
  • getSignedDeliveryInfo(dmID)
  • downloadSignedMessage(dmID)
  • downloadSignedSentMessage(dmID)
  • getMessageStateChanges(...)
  • getMessageAuthor(dmID)
  • getMessageAuthorDetails(dmID)

Lifecycle and notifications:

  • eraseMessage(...)
  • getErasedMessages(...)
  • pickUpAsyncResponse(...)
  • listNotifications(...)
  • registerForNotifications(action)
  • reportSuspiciousMessage(...)

Security, VoDZ, and archive:

  • uploadAttachment(...)
  • downloadAttachment(...)
  • authenticateMessage(...)
  • authenticateBigMessage(...)
  • downloadSignedBigMessage(dmID)
  • downloadSignedSentBigMessage(dmID)
  • reSignIsdsDocument(dmDocBase64)
  • archiveIsdsDocument(dmMessageBase64)

Authentication Modes

The library reflects the connection variants documented in the ISDS operational rules:

  • loginWithUsernameAndPassword(...) uses https://ws1.../DS/*
  • loginWithPkcs12Certificate(...) uses https://ws1c.../cert/DS/*
  • loginWithUsernamePasswordAndCertificate(...) uses https://ws1c.../certds/DS/*
  • loginWithHostedSpisServiceCertificate(...) uses https://ws1c.../hspis/DS/*

Example with certificate + basic authentication:

import { readFile } from 'node:fs/promises';
import ISDSBox from 'czech-data-box';

const pkcs12 = await readFile('./certificate.p12', { encoding: 'base64' });

const client = new ISDSBox().loginWithUsernamePasswordAndCertificate(
  process.env.ISDS_LOGIN ?? '',
  process.env.ISDS_PASSWORD ?? '',
  pkcs12,
  process.env.ISDS_CERT_PASSPHRASE ?? '',
  false,
);

dm_arch and dm_VoDZ are exposed through SOAP 1.2 clients. The bundled WSDLs explicitly publish the base ws2 endpoints. Certificate variants for ws2c are implemented by inference from the same endpoint pattern used by ws1/ws1c.

Development

pnpm install
pnpm verify

Useful scripts:

  • pnpm lint
  • pnpm typecheck
  • pnpm test
  • pnpm test:watch
  • pnpm build
  • pnpm test:package
  • pnpm changeset

Docs

Examples

The runnable examples in examples/ import from dist, so build the package first:

pnpm build
node examples/db_search.mjs

For real ISDS integration testing, use test credentials and prefer the ISDS test environment (productionMode = false).

Versioning and Changelog

This project follows SemVer through Changesets. Every user-facing change should ship with a changeset, and releases update CHANGELOG.md automatically.

Credits

License

This project is licensed under the MIT License. See the LICENSE file for details.