Multer

Node.js middleware for handling multipart/form-data file uploads in Express. Multer processes file uploads from HTML forms, providing access to uploaded files and form fields. Supports disk storage (saves to filesystem) and memory storage (keeps in buffer), with size limits, file type filters, and custom filename logic. The standard file upload middleware for Express agent backends.

Evaluated Mar 06, 2026 (0d ago) v2.x
Homepage ↗ Repo ↗ Developer Tools node.js express file-upload multipart form-data middleware storage
⚙ Agent Friendliness
65
/ 100
Can an agent use this?
🔒 Security
83
/ 100
Is it safe for agents?
⚡ Reliability
83
/ 100
Does it work consistently?

Score Breakdown

⚙ Agent Friendliness

MCP Quality
--
Documentation
85
Error Messages
80
Auth Simplicity
95
Rate Limits
90

🔒 Security

TLS Enforcement
95
Auth Strength
80
Scope Granularity
78
Dep. Hygiene
80
Secret Handling
82

CRITICAL: always set limits (fileSize, files) to prevent DoS. Validate file types server-side with magic bytes. Store uploaded files outside web root. Scan uploads for malware in production agent systems.

⚡ Reliability

Uptime/SLA
90
Version Stability
82
Breaking Changes
80
Error Recovery
80
AF Security Reliability

Best When

You need to handle file uploads in an Express agent API with easy access to uploaded file buffers or disk storage.

Avoid When

You're using Fastify (use @fastify/multipart), or handling large file streaming directly to object storage without local buffering.

Use Cases

  • Handle file uploads in agent APIs — documents, images, audio — for processing in agent pipelines
  • Accept user-uploaded files in agent configuration portals with file type and size validation
  • Process multipart form submissions with both file and text fields in agent data collection endpoints
  • Upload training data or evaluation files to agent backends for processing and storage
  • Handle bulk file uploads to agent document processing services with streaming to cloud storage

Not For

  • Non-Express frameworks — use busboy directly for Fastify or other frameworks
  • Streaming large files to cloud storage — combine Multer with multer-s3 or stream to S3 directly
  • APIs without file upload requirements — don't add Multer overhead if not handling uploads

Interface

REST API
No
GraphQL
No
gRPC
No
MCP Server
No
SDK
Yes
Webhooks
No

Authentication

Methods: none
OAuth: No Scopes: No

File upload middleware — no auth. Auth must be implemented separately.

Pricing

Model: open_source
Free tier: Yes
Requires CC: No

Completely free and open source, part of the expressjs organization.

Agent Metadata

Pagination
none
Idempotent
Partial
Retry Guidance
Not documented

Known Gotchas

  • memoryStorage() keeps files in Node.js buffer — large files or many concurrent uploads can cause OOM; use diskStorage() or stream to S3 for production
  • File type filtering via fileFilter is not security validation — it checks MIME type which can be spoofed; validate magic bytes server-side for actual security
  • Multer 1.x is in maintenance mode — Multer 2.x (v2) has breaking changes; verify which version your code targets
  • upload.single() vs upload.array() vs upload.fields() — using wrong method for your form structure causes req.file/req.files to be undefined
  • Multer must be used as middleware before the route handler — placing it inside the handler body doesn't work
  • Disk storage filenames: destination callback receives req and file but req.body is not yet populated — can't use body fields to determine upload path

Alternatives

formidable-api busboy-api

Full Evaluation Report

Detailed scoring breakdown, competitive positioning, security analysis, and improvement recommendations for Multer.

$99
API endpoint ↗ Agent guide ↗ Report inaccuracy

Scores are editorial opinions as of 2026-03-06.

5215
Packages Evaluated
26151
Need Evaluation
173
Need Re-evaluation
Community Powered