Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Please archive this repository and deprecate the npm package #271

Open
yelworc opened this issue Apr 24, 2023 · 5 comments
Open

Please archive this repository and deprecate the npm package #271

yelworc opened this issue Apr 24, 2023 · 5 comments

Comments

@yelworc
Copy link

yelworc commented Apr 24, 2023

Hello, please excuse the incendiary issue title 😄

This project seems to be effectively abandoned (no commit activity, an open vulnerability and other issues with no responses). SparkPost support just informed me that they consider this a community effort and have no intentions to get involved.

Hence, to make its status clear to (current and potential future) users, I think the repo should be archived and the npm package deprecated, unless somebody feels like stepping up into an active maintainer role.

Ping @sstaley-sparkpost @orval @teolag @jgzamora (sorry to bother you – you're just the last few committers/mergers, so hoping one of you could perform these operations).
@filipecrosk
Copy link

Any suggestions to use a different package or should we just resort to writing the REST calls by ourselves?

@yelworc
Copy link
Author

yelworc commented May 10, 2023

Yes – I specifically asked if direct REST API calls were the recommended way to use SparkPost in Node.js code, to which they replied "That is correct. The official way to connect would be via API.".

(I also pointed out that they prominently feature this library on their website and in the docs, so it very much does look like an "official" resource, but got no comment on that 🤷)

@thuytrinh
Copy link

Thanks. I should have came here before running npm install sparkpost.

@jzrandall
Copy link

I just wrote a very simple client in my app using axios and was able to uninstall the library to resolve the reported vulnerabilities. But I only send basic templated emails so it didn't take much to build it out.

@lauriskuznecovs
Copy link

I just found good alternative - nodemailer

Here is the way it works:

// Load environment variables from .env file
require('dotenv-flow').config();

const nodemailer = require('nodemailer');

// Ensure the environment variable is set
if (!process.env.SPARKPOST_API_KEY) {
  throw new Error('Missing SPARKPOST_API_KEY environment variable');
}

const transporter = nodemailer.createTransport({
  host: 'smtp.eu.sparkpostmail.com',
  port: 587,
  secure: false, // true for 465, false for other ports
  auth: {
    user: 'SMTP_Injection',
    pass: process.env.SPARKPOST_API_KEY, // API key from environment variables
  },
});

const sendEmail = async () => {
  try {
    await transporter.sendMail({
      from: '[email protected]',
      to: '[email protected]',
      subject: 'Here goes email subject',
      html: '<p>Here is email body</p>',
    });
    console.log(`Email has been sent.`);
  } catch (err) {
    console.log(`Something went wrong! Couldn't send an email.`, err);
  }
}

sendEmail().catch(error => console.error(error));

This was referenced Jul 26, 2024
Open
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@filipecrosk @yelworc @thuytrinh @jzrandall @lauriskuznecovs