{"id":17652,"library":"fis3-deploy-http-push","title":"FIS3 HTTP Push Deploy Plugin","description":"The `fis3-deploy-http-push` package serves as the default deployment plugin for the FIS3 build system, offering functionalities for both local and remote file synchronization via HTTP POST requests. Currently at version 2.0.8, it enables developers to configure custom deployment targets and attach specific data parameters for different file types directly within their FIS3 build configurations. A key characteristic is its deep integration with the FIS3 framework, allowing for sophisticated, programmatic control over the deployment process, including the ability to incorporate interactive elements like token prompts for authentication during a build. However, it is critical to note the explicit and severe security warnings associated with the provided `receiver.php` example script, which is inherently insecure and **must not be deployed in production environments**. This limitation means the plugin is primarily suitable for internal development, staging, or highly trusted network setups. The package's release cadence is not independent but rather follows the lifecycle and maintenance schedule of the broader FIS3 project.","status":"maintenance","version":"2.0.8","language":"javascript","source_language":"en","source_url":"https://github.com/fex-team/fis3-deploy-http-push","tags":["javascript","fis","fis-plus","fis3","deploy"],"install":[{"cmd":"npm install fis3-deploy-http-push","lang":"bash","label":"npm"},{"cmd":"yarn add fis3-deploy-http-push","lang":"bash","label":"yarn"},{"cmd":"pnpm add fis3-deploy-http-push","lang":"bash","label":"pnpm"}],"dependencies":[],"imports":[{"note":"This package is a CommonJS module. Direct 'require' is typically for advanced, programmatic usage as demonstrated in the '另类使用方法' section of the README, where its 'apply' method is used.","wrong":"import deployPlugin from 'fis3-deploy-http-push';","symbol":"fis3-deploy-http-push (module)","correct":"const deployPlugin = require('fis3-deploy-http-push');"},{"note":"This is the standard way to reference and configure the plugin within a FIS3 build configuration, telling FIS3 to use this plugin by its registered name.","wrong":"fis.plugin(require('fis3-deploy-http-push'), { /* config */ });","symbol":"http-push (plugin string)","correct":"fis.plugin('http-push', { /* config */ });"}],"quickstart":{"code":"const fis = require('fis3');\n\nfis.match('*.js', {\n    deploy: fis.plugin('http-push', {\n        // If configured, fis will POST files one by one to the receiver endpoint.\n        receiver: 'http://www.example.com:8080/receiver.php',\n        // This parameter will be sent along with the POST request.\n        to: '/home/fis/www',\n        // Additional parameters, backend accesses via $_POST['xx'].\n        // If 'data' contains a 'to' key, the above 'to' parameter will override it.\n        data: {\n            token : 'abcdefghijk',\n            user : 'maxming',\n            uid : 1\n        }\n    })\n});\n\n// Example of running the build (assuming fis3 CLI is installed)\n// fis.project.vcs.query = () => '1.0.0'; // Mock version for a complete example\n// fis.match('**', { release: '/$0' }); // Release all files\n// fis.log.level = fis.log.L_INFO;\n// fis.cli.run(process.argv); // This would trigger a build if run in a FIS3 project context","lang":"javascript","description":"Demonstrates how to configure the `http-push` plugin within a FIS3 project to deploy JavaScript files to a remote HTTP receiver endpoint with custom parameters."},"warnings":[{"fix":"DO NOT use the example `receiver.php` script in production. Implement a custom, secure backend receiver that includes robust authentication, authorization, and input validation, or utilize a different, secure deployment mechanism for production assets.","message":"The `receiver.php` script provided as an example in the README has severe security vulnerabilities and is explicitly marked as unsafe for production. Deploying it in a live environment will expose your server to significant risks.","severity":"breaking","affected_versions":">=1.0.0"},{"fix":"Ensure you are using `fis3` as your project's build tool. If you require a standalone HTTP deployment solution, consider alternative packages not specific to FIS3.","message":"This plugin is tightly coupled with the FIS3 build system. It is not a standalone deployment tool and requires a functioning FIS3 project setup to operate.","severity":"gotcha","affected_versions":">=1.0.0"},{"fix":"Before deploying, ensure your target server is running and configured with a custom, secure receiver script or API endpoint that can process the uploaded files sent by this plugin.","message":"The remote HTTP receiver endpoint (`receiver` option) must be a live server capable of accepting POST requests and handling file uploads. The plugin does not provide this server component itself (beyond the insecure example `receiver.php`).","severity":"gotcha","affected_versions":">=1.0.0"}],"env_vars":null,"last_verified":"2026-04-23T00:00:00.000Z","next_check":"2026-07-22T00:00:00.000Z","problems":[{"fix":"Develop a custom, secure receiver application with proper authentication, authorization, and input sanitization, or choose an alternative, secure deployment method for production.","cause":"The provided example `receiver.php` script lacks crucial security measures and is intended only for development or testing.","error":"Security vulnerability when using receiver.php in production"},{"fix":"Verify the `receiver` URL is correct and accessible. Ensure the remote server is online and the receiver script (your custom one, not the insecure example) is correctly deployed and functioning.","cause":"The `receiver` URL configured in `fis.plugin('http-push', { receiver: '...' })` is incorrect, the remote server is not running, or the receiver script has errors.","error":"Files are not deploying, or receiver responds with 404/500"},{"fix":"Double-check the `to` option in your `fis.plugin('http-push', { to: '...' })` configuration. Also, verify that your custom receiver script correctly reads and utilizes the `to` parameter to determine the target path on the server.","cause":"The `to` parameter in the plugin configuration is incorrectly set, or the remote receiver is not processing the `to` parameter as expected.","error":"Deployed files land in wrong directories on the remote server"}],"ecosystem":"npm","meta_description":null,"install_score":null,"install_tag":null,"quickstart_score":null,"quickstart_tag":null}