@autofleet/super-express - npm Package Compare versions

Comparing version 1.1.21-beta-4 to 2.0.0

index.js

@@ -1,51 +0,25 @@
-const express = require('express')
+import express from 'express';
+import helmet from 'helmet';
+import morgan from 'morgan';
 
-const chalk = require('chalk');
+import defaultOptions from './default-options.json';
 
-const helmet = require('helmet')
-const bodyParser = require('body-parser')
-const morgan = require('morgan')
+export default function(options = {}) {
+    const app = express(options);
+    const isProd = process.env.NODE_ENV === 'production';
+    const mergedOptions = Object.assign({}, defaultOptions, options);
 
-const defaultOptions = require('./default-options.json')
-
-module.exports = function(options = {}) {
-    const app = express(options)
-
-    const isProd = process.env.NODE_ENV === 'production'
-    const isStage = process.env.NODE_ENV === 'staging'
-    const mergedOptions = Object.assign({}, defaultOptions, options)
-
-    if (options.httpLogCb) {
-        app.use(morgan((tokens, req, res) => {
-            options.httpLogCb({
-                method: tokens.method(req, res),
-                url: tokens.url(req, res),
-                status: tokens.status(req, res),
-                'content-length': tokens.res(req, res, 'content-length'),
-                'response-time': tokens['response-time'](req, res),
-                'user-agent': tokens['user-agent'](req, res),
-            })
-        }))
+    app.use(morgan(':method :url :status :res[content-length] - :response-time ms'));
+    app.use(helmet());
+    if (mergedOptions.bodyParser) {
+        app.use(express.json({ limit: '1000mb' }))
     } else {
-        app.use(morgan(':method :url :status :res[content-length] - :response-time ms'))
+        console.log('[SuperExpress] Body parser is disabled');
     }
 
-    // Timeout
-    app.use((req, res, next) => {
-        req.socket.setKeepAlive(true);
-        next();
-    });
-      
-
-    // General
-    app.use(helmet());
-    if( mergedOptions.bodyParser ) {
-        app.use(bodyParser.json({ limit: '1000mb' }))
-    }
-
     app.nativeListen = app.listen
     app.listen = function (port, cb) {
-        console.log(chalk.blue(`Super express will listen on port ${port}`))
-        console.log(chalk.blue(`Production mode: ${isProd}`))
-        return app.nativeListen(port, cb)
+        console.log(`[SuperExpress] will listen on port ${port}`);
+        console.log(`[SuperExpress] Production mode: ${isProd}`);
+        app.nativeListen(port, cb)
     }
@@ -52,0 +26,0 @@

package.json

 {
   "name": "@autofleet/super-express",
-  "version": "1.1.21-beta-4",
+  "version": "2.0.0",
   "description": "AF Express with built in boilerplate",
   "main": "index.js",
-  "author": "",
+  "type": "module",
+  "author": "Autofleet",
   "license": "MIT",
   "dependencies": {
-    "body-parser": "^1.19.0",
-    "chalk": "^2.4.1",
-    "express": "^4.17.1",
-    "helmet": "^4.6.0",
-    "morgan": "^1.10.0"
+    "express": "^4.19.2",
+    "helmet": "^3.21.2",
+    "morgan": "^1.9.1"
   },
@@ -25,3 +24,7 @@ "scripts": {
   },
-  "homepage": "https://github.com/Autofleet/super-express#readme"
+  "homepage": "https://github.com/Autofleet/super-express#readme",
+  "devDependencies": {
+    "@types/express": "^4.17.21",
+    "@types/helmet": "^4.0.0"
+  }
 }

New alerts

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Fixed alerts

No contributors or author data

Maintenance

Package does not specify a list of contributors or an author in package.json.

Found 1 instance in 1 package

No v1

Quality

Package is not semver >=1. This means it is not stable and does not support ^ ranges.

Found 1 instance in 1 package

Improved metrics

Dependency count

3

decreased by-40%

Number of low maintenance alerts

1

decreased by-50%

Number of low quality alerts

2

decreased by-33.33%

Number of low supply chain risk alerts

1

decreased by-50%

Is type module

Yes

Worsened metrics

Total package byte prevSize

1692

decreased by-28.24%

Dev dependency count

2

increased byInfinity%

Lines of code

27

decreased by-42.55%

Number of medium supply chain risk alerts

1

increased byInfinity%

Dependency changes

• + Addedbowser@2.9.0(transitive)

• + Addedcamelize@1.0.0(transitive)

• + Addedcontent-security-policy-builder@2.1.0(transitive)

• + Addeddasherize@2.0.0(transitive)

• + Addeddont-sniff-mimetype@1.1.0(transitive)

• + Addedfeature-policy@0.3.0(transitive)

• + Addedhelmet@3.23.3(transitive)

• + Addedhelmet-crossdomain@0.4.0(transitive)

• + Addedhelmet-csp@2.10.0(transitive)

• + Addedhide-powered-by@1.1.0(transitive)

• + Addedhpkp@2.0.0(transitive)

• + Addedhsts@2.2.0(transitive)

• + Addednocache@2.1.0(transitive)

• + Addedreferrer-policy@1.2.0(transitive)

• + Addedx-xss-protection@1.3.0(transitive)

• - Removedbody-parser@^1.19.0

• - Removedchalk@^2.4.1

• - Removedansi-styles@3.2.1(transitive)

• - Removedchalk@2.4.2(transitive)

• - Removedcolor-convert@1.9.3(transitive)

• - Removedcolor-name@1.1.3(transitive)

• - Removedescape-string-regexp@1.0.5(transitive)

• - Removedhas-flag@3.0.0(transitive)

• - Removedhelmet@4.6.0(transitive)

• - Removedsupports-color@5.5.0(transitive)

• Updatedexpress@^4.19.2

• Updatedhelmet@^3.21.2

• Updatedmorgan@^1.9.1