node-reqwest

Node.js bindings for reqwest — a Rust HTTP client library. Provides system proxy, trusted system CA certificates, and HTTP/2 out of the box, with no additional configuration. Compatible with Electron.

Why node-reqwest?

| Feature | node-reqwest | Node.js / undici | | ---------------------- | ---------------------------------- | ---------------------------------------------------------------------------- | | DNS resolver | Recursive (hickory-dns) | Non-recursive (c-ares) — crashes Electron on Windows for nonexistent domains | | System CA certificates | Built-in | Requires win-ca, mac-ca | | System proxy | Built-in | Not available (complex Electron workaround) | | SOCKS proxy | Built-in | Not available | | HTTP/2 | Full support via hyper | Limited | | TLS | rustls | OpenSSL |

Usage

This library provides an Agent that implements the undici.Dispatcher interface. Use it as a global dispatcher for fetch or with any undici-compatible API.

import { Agent } from "node-reqwest";
import { setGlobalDispatcher } from "undici";

const agent = new Agent({
    allowH2: true,
    proxy: "system",
});

setGlobalDispatcher(agent);

// All fetch calls now use reqwest under the hood
const response = await fetch("https://example.com");

Installation safety

This package downloads a precompiled binary during npm install. GitHub releases for this project are immutable — once published, release assets cannot be modified or replaced, ensuring that the binary you download is the same one that was originally published.

In addition, the postinstall script uses node-addon-slsa to cryptographically verify that the binary was built in the same GitHub Actions workflow run as this npm package, using sigstore provenance attestations and the GitHub Attestations API.

Installation aborts with a SECURITY error if any check fails.

Requirements

• Node.js ^20.19.0 || >=22.12.0

License

Apache-2.0 OR MIT