
@apidevtools/swagger-express-middleware


@apidevtools/swagger-express-middleware - npm Package Compare versions

Comparing version 3.0.1 to 4.0.0

35

CHANGELOG.md

@@ -8,2 +8,37 @@ Change Log

[v4.0.0](https://github.com/APIDevTools/swagger-express-middleware/tree/v4.0.0) (2020-03-24)
----------------------------------------------------------------------------------------------------
- Moved from a [high security risk version](https://www.npmjs.com/package/multer/v/0.1.8) of multer
to a more [up-to-date version](https://www.npmjs.com/package/multer/v/1.4.2) to remove a
[high-security risk dependency](https://www.npmjs.com/advisories/1469)
- This library change resulted in some API breaking changes to the library:
* [CHANGE](https://github.com/APIDevTools/swagger-express-middleware/pull/165#discussion_r396014909):
Files downloaded to disk are not saved with the extension in the name so Content-Type may need to
be set manually or based on the File object since it can not be inferred from the downloaded filename
* The File object created from multer is a little different:
- For compatibility `extension`
[is backfilled](https://github.com/APIDevTools/swagger-express-middleware/pull/165/files#diff-0819ff236dc445648af37b543cd2b958R63).
- the `name` property on File is now `filename` and doesn't include a file extension
- the `buffer` property on File is only present if `inMemory` or `storage: memoryStorage` is used.
- the `truncated` property on File is no longer present. Instead,
[an error is sent](https://github.com/expressjs/multer/blob/805170c61530e1f1cafd818c9b63d16a9dd46c36/lib/make-middleware.js#L84-L85)
through the `next` function of middleware
* multipart opts have changed significantly
- [Old](https://github.com/expressjs/multer/tree/b3c444728277202d1f5f720cc7269883ff888386#options)
vs [New](https://github.com/expressjs/multer/tree/v1.4.2#multeropts)
- See [MemoryStorage](https://github.com/expressjs/multer/tree/v1.4.2#memorystorage) if you were previously using
`inMemory: true`, though `inMemory` option [has been recreated](https://github.com/APIDevTools/swagger-express-middleware/pull/165#discussion_r396015204),
it may be removed in the future.
- See [Error handling](https://github.com/expressjs/multer/tree/v1.4.2#error-handling) for more info on how to
recreate certain functionality.
* As with previous versions extra files provided to swagger routes will 413 and any files coming
in outside of the swagger routes will be passed through multer. The 413 functionality was recreated
[like so](https://github.com/APIDevTools/swagger-express-middleware/pull/165#discussion_r396015249).
* Indexed params are placed in exactly the index specified so `foo[0]=A&foo[2]=B` results in a param
like `foo: ["A", undefined, "B"]` whereas previously it would have been `["A", "B"]`,
[example here](https://github.com/APIDevTools/swagger-express-middleware/blob/244a1aa05e4bc21ee96b8a7973f98c76406ea4c5/test/specs/request-parser.spec.js#L668-L679)
[Full Changelog](https://github.com/APIDevTools/swagger-express-middleware/compare/v3.0.1...v4.0.0)
[v3.0.0](https://github.com/APIDevTools/swagger-express-middleware/tree/v3.0.0) (2020-03-15)

@@ -10,0 +45,0 @@ ----------------------------------------------------------------------------------------------------

1

lib/mock/index.js

@@ -295,2 +295,3 @@ "use strict";

res.set("Content-Type", file.mimetype);
if (isAttachment) {

@@ -297,0 +298,0 @@ // Get the filename from the "Content-Disposition" header,
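Review bot: `res.set("Content-Type", file.mimetype)`, which appears to be the added line here, sends back a value that is client-supplied if `file` is the multer record kept from the upload, since multer copies `mimetype` from the multipart part header without validating it. For responses that are not sent as attachments, this lets whoever uploaded the file decide how a browser interprets the stored bytes. Consider accepting only types listed in the operation's `produces` and falling back to `application/octet-stream` otherwise, and add `res.set("X-Content-Type-Options", "nosniff");` next to it. The enclosing function starts and ends outside the hunk, so the origin of `file` needs confirming.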

@@ -59,3 +59,7 @@ "use strict";

// Validate the file (min/max size, etc.)
req.files[param.name] = parseParameter(param, req.files[param.name], param);
let file;
if (req.files[param.name] && req.files[param.name][0]) {
file = req.files[param.name][0];
}
req.files[param.name] = parseParameter(param, file, param);
}

@@ -62,0 +66,0 @@ else {

99

lib/request-parser.js

@@ -10,2 +10,4 @@ "use strict";

const tmp = require("tmp");
const path = require("path");
const util = require("./helpers/util");

@@ -16,2 +18,67 @@ // Clean-up the temp directory, even if the app crashes

/**
* Generates a middleware that parses multipart/form-data
*/
function generateMultipartFormDataMiddleware (options) {
options.allowAll = options.allowAll === undefined ? true : options.allowAll;
if (options.inMemory && options.storage === undefined) {
options.storage = multer.memoryStorage();
}
const uploader = multer(options);
return function multipartFormData (req, res, next) {
// Compatibility with old multer
req.body = req.body || {};
req.files = req.files || {};
// Get all the "file" params
if (util.isSwaggerRequest(req) && req.swagger.params.length > 0) {
const fileFields = [];
req.swagger.params.forEach((param) => {
if (param.in === "formData" && param.type === "file") {
fileFields.push({
name: param.name,
maxCount: 1
});
}
});
uploader.fields(fileFields)(req, res, (err) => {
if (err && err.code === "LIMIT_UNEXPECTED_FILE") {
next(); // let request-validator handle
}
else {
next(err);
}
});
}
else {
// Handle the multipart/form-data (even if it doesn't have any file fields)
uploader.any()(req, res, next);
}
};
}
function multerCompatability (req, res, next) {
function standardize (file) {
if (file.originalname) {
file.extension = path.extname(file.originalname).slice(1);
}
}
if (req.files) {
if (req.files.length > 0) {
req.files.forEach((file) => standardize(file));
}
if (Object.keys(req.files).length > 0) {
Object.keys(req.files).forEach((filekey) => {
const filearray = Array.from(req.files[filekey]);
filearray.forEach((fileRecord) => standardize(fileRecord));
});
}
}
next();
}
/**
* Parses the HTTP request into useful objects.

@@ -34,33 +101,5 @@ * This middleware populates {@link Request#params}, {@link Request#headers}, {@link Request#cookies},

bodyParser.raw(options.raw),
multer(options.multipart)
generateMultipartFormDataMiddleware(options.multipart),
multerCompatability
];
//
// This code is for Multer 1.x. But we're still using Multer 0.x until this bug is fixed:
// https://github.com/expressjs/multer/issues/212
//
// // Create a Multer uploader
// let uploader = multer(options.multipart);
//
// /**
// * Parses multipart/form-data
// */
// function multipartFormData(req, res, next) {
// if (util.isSwaggerRequest(req) && req.swagger.params.length > 0) {
// let fileFields = [];
//
// // Get all the "file" params
// req.swagger.params.forEach(function(param) {
// if (param.in === 'formData' && param.type === 'file') {
// fileFields.push({name: param.name, maxCount: 1});
// }
// });
//
// // Handle the multipart/form-data (even if it doesn't have any file fields)
// let upload = uploader.fields(fileFields);
// upload(req, res, next);
// }
//
// next();
// }
}

@@ -67,0 +106,0 @@
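Review bot: In `multipartFormData`, the `else` branch calls `uploader.any()` for every request that is not a Swagger request, and also for Swagger operations that declare no params, so a multipart body on any path is written to storage before any route has asked for files. The changelog describes this pass-through as intentional, but multer's documentation warns against using it as global middleware for this reason, and nothing in this hunk supplies a default for `limits`; with `inMemory` or `memoryStorage` the whole upload is buffered in RAM. I would default `options.limits` (`fileSize`, `files`) when the caller has not set it, or at least add a comment above the branch such as `// Accepts files on undeclared routes for backward compatibility; callers must set multipart.limits and clean up req.files`. Separately, the bare `next()` on `LIMIT_UNEXPECTED_FILE` relies on a later validator to reject the request. That validator is outside this hunk, so confirm it still returns 413 after multer has aborted parsing.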

{
"name": "@apidevtools/swagger-express-middleware",
"version": "3.0.1",
"version": "4.0.0",
"description": "Swagger middleware and mocks for Express",

@@ -64,3 +64,3 @@ "keywords": [

"lodash": "^4.17.15",
"multer": "^0.1.8",
"multer": "^1.4.2",
"@jsdevtools/ono": "^7.1.0",

@@ -67,0 +67,0 @@ "@apidevtools/swagger-methods": "^3.0.0",

'use strict';
module.exports = require('../../../');