@fastify/cookie - npm Package Compare versions

Comparing version 7.0.0 to 7.1.0

package.json

 {
   "name": "@fastify/cookie",
-  "version": "7.0.0",
+  "version": "7.1.0",
   "description": "Plugin for fastify to add support for cookies",
@@ -42,3 +42,3 @@ "main": "plugin.js",
   "devDependencies": {
-    "@types/node": "^17.0.16",
+    "@types/node": "^18.0.0",
     "fastify": "^4.0.0-rc.2",
@@ -50,6 +50,7 @@ "pre-commit": "^1.2.2",
     "tap": "^16.0.0",
-    "tsd": "^0.20.0",
+    "tsd": "^0.22.0",
     "typescript": "^4.5.5"
   },
   "dependencies": {
+    "cookie": "^0.5.0",
     "cookie-signature": "^1.1.0",
@@ -56,0 +57,0 @@ "fastify-plugin": "^3.0.1"

plugin.d.ts

@@ -30,3 +30,3 @@ /// <reference types='node' />
      */
-    cookies: { [cookieName: string]: string };
+    cookies: { [cookieName: string]: string | undefined };
 
@@ -95,2 +95,3 @@ /**
   path?: string;
+  priority?: 'low' | 'medium' | 'high';
   sameSite?: boolean | 'lax' | 'strict' | 'none';
@@ -97,0 +98,0 @@ secure?: boolean;

plugin.js

 'use strict'
 
 const fp = require('fastify-plugin')
-const cookie = require('./cookie')
+const cookie = require('cookie')
 
@@ -6,0 +6,0 @@ const signerFactory = require('./signer')

README.md

@@ -5,3 +5,2 @@ # @fastify/cookie
 [![NPM version](https://img.shields.io/npm/v/@fastify/cookie.svg?style=flat)](https://www.npmjs.com/package/@fastify/cookie)
-[![Known Vulnerabilities](https://snyk.io/test/github/fastify/fastify-cookie/badge.svg)](https://snyk.io/test/github/fastify/fastify-cookie)
 [![js-standard-style](https://img.shields.io/badge/code%20style-standard-brightgreen.svg?style=flat)](https://standardjs.com/)
@@ -62,3 +61,3 @@
 ```ts
-import { FastifyCookieOptions } from '@fastify/cookie'
+import type { FastifyCookieOptions } from '@fastify/cookie'
 import cookie from '@fastify/cookie'
@@ -65,0 +64,0 @@ import fastify from 'fastify'

test/cookie.test.js

@@ -246,2 +246,57 @@ 'use strict'
 
+test('defined and undefined cookies', (t) => {
+  t.plan(23)
+  const fastify = Fastify()
+  fastify.register(plugin)
+
+  // check that it parses the cookies in the onRequest hook
+  for (const hook of ['preValidation', 'preHandler']) {
+    fastify.addHook(hook, (req, reply, done) => {
+      t.ok(req.cookies)
+
+      t.ok(req.cookies.bar)
+      t.notOk(req.cookies.baz)
+
+      t.equal(req.cookies.bar, 'bar')
+      t.equal(req.cookies.baz, undefined)
+      done()
+    })
+  }
+
+  fastify.addHook('preParsing', (req, reply, payload, done) => {
+    t.ok(req.cookies)
+
+    t.ok(req.cookies.bar)
+    t.notOk(req.cookies.baz)
+
+    t.equal(req.cookies.bar, 'bar')
+    t.equal(req.cookies.baz, undefined)
+    done()
+  })
+
+  fastify.get('/test2', (req, reply) => {
+    t.ok(req.cookies)
+
+    t.ok(req.cookies.bar)
+    t.notOk(req.cookies.baz)
+
+    t.equal(req.cookies.bar, 'bar')
+    t.equal(req.cookies.baz, undefined)
+
+    reply.send({ hello: 'world' })
+  })
+
+  fastify.inject({
+    method: 'GET',
+    url: '/test2',
+    headers: {
+      cookie: 'bar=bar'
+    }
+  }, (err, res) => {
+    t.error(err)
+    t.equal(res.statusCode, 200)
+    t.same(JSON.parse(res.body), { hello: 'world' })
+  })
+})
+
 test('does not modify supplied cookie options object', (t) => {
@@ -248,0 +303,0 @@ t.plan(3)

test/plugin.test-d.ts

@@ -6,3 +6,2 @@ import fastify, { FastifyInstance, FastifyPluginCallback, FastifyReply, setCookieWrapper } from 'fastify';
 import fastifyCookieDefault, {
-  CookieSerializeOptions,
   fastifyCookie as fastifyCookieNamed
@@ -46,2 +45,3 @@ } from '..';
     const test = request.cookies.test;
+    expectType<string | undefined>(test);
 
@@ -53,3 +53,3 @@ expectType<setCookieWrapper>(reply.cookie);
       reply
-        .setCookie('test', test, { domain: 'example.com', path: '/' })
+        .setCookie('test', test!, { domain: 'example.com', path: '/' })
         .clearCookie('foo')
@@ -69,3 +69,3 @@ .send({ hello: 'world' })
     reply
-      .setCookie('test', test, { domain: 'example.com', path: '/' })
+      .setCookie('test', test!, { domain: 'example.com', path: '/' })
       .clearCookie('foo')
@@ -82,11 +82,11 @@ .send({ hello: 'world' });
     const test = request.cookies.test;
-    reply.setCookie('test', test, { sameSite: true }).send({ hello: 'world' });
+    reply.setCookie('test', test!, { sameSite: true }).send({ hello: 'world' });
   });
   server.get('/test-samesite-option-false', (request, reply) => {
     const test = request.cookies.test;
-    reply.setCookie('test', test, { sameSite: false }).send({ hello: 'world' });
+    reply.setCookie('test', test!, { sameSite: false }).send({ hello: 'world' });
   });
   server.get('/test-samesite-option-lax', (request, reply) => {
     const test = request.cookies.test;
-    reply.setCookie('test', test, { sameSite: 'lax' }).send({ hello: 'world' });
+    reply.setCookie('test', test!, { sameSite: 'lax' }).send({ hello: 'world' });
   });
@@ -96,3 +96,3 @@ server.get('/test-samesite-option-strict', (request, reply) => {
     reply
-      .setCookie('test', test, { sameSite: 'strict' })
+      .setCookie('test', test!, { sameSite: 'strict' })
       .send({ hello: 'world' });
@@ -103,3 +103,3 @@ });
     reply
-      .setCookie('test', test, { sameSite: 'none' })
+      .setCookie('test', test!, { sameSite: 'none' })
       .send({ hello: 'world' });
@@ -116,9 +116,9 @@ });
   server.get('/', (request, reply) => {
-    appWithImplicitHttpSigned.unsignCookie(request.cookies.test);
+    appWithImplicitHttpSigned.unsignCookie(request.cookies.test!);
     appWithImplicitHttpSigned.unsignCookie('test');
 
-    reply.unsignCookie(request.cookies.test);
+    reply.unsignCookie(request.cookies.test!);
     reply.unsignCookie('test');
 
-    request.unsignCookie(request.cookies.anotherTest);
+    request.unsignCookie(request.cookies.anotherTest!);
     request.unsignCookie('anotherTest');
@@ -137,3 +137,3 @@
   server.get('/', (request, reply) => {
-    reply.unsignCookie(request.cookies.test);
+    reply.unsignCookie(request.cookies.test!);
     const { valid, renew, value } = reply.unsignCookie('test');
@@ -170,3 +170,3 @@
   server.get('/', (request, reply) => {
-    const { valid, renew, value } = reply.unsignCookie(request.cookies.test);
+    const { valid, renew, value } = reply.unsignCookie(request.cookies.test!);
 
@@ -192,3 +192,3 @@ expectType<boolean>(valid);
   server.get('/', (request, reply) => {
-    reply.unsignCookie(request.cookies.test)
+    reply.unsignCookie(request.cookies.test!)
     const { valid, renew, value } = reply.unsignCookie('test')
@@ -195,0 +195,0 @@

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Improved metrics

Number of medium supply chain risk alerts

0

decreased by-100%

Worsened metrics

Total package byte prevSize

44477

decreased by-20.56%

Dependency count

3

increased by50%

Number of package files

14

decreased by-12.5%

Lines of code

1090

decreased by-22.8%

Number of lines in readme file

217

decreased by-0.46%

Dependency changes

• + Addedcookie@^0.5.0

• + Addedcookie@0.5.0(transitive)