{"id":16708,"library":"basic-auth-header","title":"Basic Auth Header Generator","description":"The `basic-auth-header` package, currently at version `1.0.1` and last published in 2016, is a focused Node.js utility designed to generate HTTP Basic Authentication header values. It provides a single function that takes a username and password (as strings) and returns the formatted `Authorization: Basic <base64-encoded-credentials>` string. Its primary advantage is its extremely minimal footprint and single-purpose design, making it suitable for environments where bundle size or external dependencies are critical concerns. However, it is an older, CommonJS-only module that has been unmaintained for approximately 10 years. It does not offer features beyond basic header generation, such as handling advanced authentication flows, token management, or robust security considerations for credentials beyond simple Base64 encoding.","status":"abandoned","version":"1.0.1","language":"javascript","source_language":"en","source_url":"https://github.com/jsdevel/node-basic-auth-header","tags":["javascript"],"install":[{"cmd":"npm install basic-auth-header","lang":"bash","label":"npm"},{"cmd":"yarn add basic-auth-header","lang":"bash","label":"yarn"},{"cmd":"pnpm add basic-auth-header","lang":"bash","label":"pnpm"}],"dependencies":[],"imports":[{"note":"This package is an older CommonJS module. While Node.js ESM allows `import header from 'basic-auth-header'`, direct `require` is the intended and safest way to import in a CJS context. For pure ESM, this typically requires a build step or careful loader configuration for CJS interop.","wrong":"import header from 'basic-auth-header';","symbol":"header","correct":"const header = require('basic-auth-header');"}],"quickstart":{"code":"const header = require('basic-auth-header');\n\nconst username = 'myuser';\nconst password = process.env.BASIC_AUTH_PASSWORD ?? 'mypassword'; // Use environment variable for sensitive data\n\nconst authHeader = header(username, password);\n\nconsole.log(`Generated Basic Auth Header: ${authHeader}`);\n// Example of how to use it in a fetch request (Node.js 18+):\n// async function fetchData() {\n//   try {\n//     const response = await fetch('https://api.example.com/data', {\n//       headers: {\n//         'Authorization': authHeader\n//       }\n//     });\n//     if (!response.ok) {\n//       throw new Error(`HTTP error! status: ${response.status}`);\n//     }\n//     const data = await response.json();\n//     console.log('Fetched Data:', data);\n//   } catch (error) {\n//     console.error('Error fetching data:', error);\n//   }\n// }\n// fetchData();","lang":"javascript","description":"Demonstrates how to generate a Basic Authorization header string using a username and password, with an example of its potential use in an HTTP request."},"warnings":[{"fix":"For CommonJS projects, use `const header = require('basic-auth-header');`. For ESM projects, consider a bundler that handles CJS interop, or use dynamic import `import('basic-auth-header').then(m => m.default || m)` (if it's a default export) or `import * as header from 'basic-auth-header'` (if it's an object with a default property or named exports).","message":"This package is an older CommonJS (CJS) module and does not natively support ECMAScript Modules (ESM). Attempting to use `import` syntax in a pure ESM environment without proper tooling or configuration may lead to import errors.","severity":"breaking","affected_versions":">=1.0.0"},{"fix":"Evaluate whether a more actively maintained library or a direct implementation (using `Buffer.from('user:pass').toString('base64')` in Node.js, or `btoa('user:pass')` in browsers) is more suitable for your project to ensure ongoing security and compatibility.","message":"The `basic-auth-header` package has not been updated since its `1.0.1` release in 2016. This means it is unmaintained and may not receive security patches for potential vulnerabilities, bug fixes, or compatibility updates for newer Node.js versions or web standards.","severity":"gotcha","affected_versions":">=1.0.0"},{"fix":"Always use Basic Authentication over HTTPS. For APIs requiring higher security, consider implementing or migrating to token-based authentication (e.g., JWT, OAuth 2.0 Bearer tokens) which provide stronger security properties and greater flexibility.","message":"Basic Authentication itself transmits credentials in a Base64-encoded (not encrypted) format, making it vulnerable to interception and replay attacks if not used exclusively over HTTPS. Modern authentication often prefers more robust token-based mechanisms (e.g., Bearer tokens, OAuth).","severity":"gotcha","affected_versions":">=1.0.0"}],"env_vars":null,"last_verified":"2026-04-22T00:00:00.000Z","next_check":"2026-07-21T00:00:00.000Z","problems":[{"fix":"If your project is ESM-only, use `import * as header from 'basic-auth-header';` or `import header from 'basic-auth-header';`. Alternatively, ensure your build system (e.g., Webpack, Rollup) is configured to handle CommonJS imports into ESM, or switch the file to CommonJS if possible.","cause":"Attempting to use `require()` in an ECMAScript Module (ESM) file without a compatible loader or transpilation. This package is a CommonJS module.","error":"ReferenceError: require is not defined"}],"ecosystem":"npm"}