@httpland/hsts-middleware - npm Package Compare versions

Comparing version 1.0.0-beta.1 to 1.0.0-beta.2

esm/deps.js

 // Copyright 2023-latest the httpland authors. All rights reserved. MIT license.
 // This module is browser compatible.
-export { stringify, } from "./deps/deno.land/x/hsts_parser@1.0.0-beta.1/mod.js";
+export { stringify, } from "@httpland/hsts-parser";
 export var SecurityHeaders;
@@ -5,0 +5,0 @@ (function (SecurityHeaders) {

esm/mod.js

 // Copyright 2023-latest the httpland authors. All rights reserved. MIT license.
 // This module is browser compatible.
-import "./_dnt.polyfills.js";
 export { hsts } from "./middleware.js";
+export { STS } from "./utils.js";

package.json

@@ -6,3 +6,3 @@ {
   "name": "@httpland/hsts-middleware",
-  "version": "1.0.0-beta.1",
+  "version": "1.0.0-beta.2",
   "description": "HTTP Strict Transport Security(HSTS) middleware",
@@ -43,3 +43,7 @@ "keywords": [
     }
+  },
+  "dependencies": {
+    "@httpland/hsts-parser": "1.0.0-beta.1",
+    "@httpland/http-middleware": "1.0.0"
   }
 }

README.md

@@ -6,3 +6,3 @@ # hsts-middleware
 [![GitHub release (latest by date)](https://img.shields.io/github/v/release/httpland/hsts-middleware)](https://github.com/httpland/hsts-middleware/releases)
-[![codecov](https://codecov.io/github/httpland/hsts-middleware/branch/main/graph/badge.svg)](https://codecov.io/gh/httpland/hsts-middleware)
+[![codecov](https://codecov.io/gh/httpland/hsts-middleware/branch/main/graph/badge.svg?token=ERELj74qaQ)](https://codecov.io/gh/httpland/hsts-middleware)
 [![GitHub](https://img.shields.io/github/license/httpland/hsts-middleware)](https://github.com/httpland/hsts-middleware/blob/main/LICENSE)
@@ -102,2 +102,21 @@
 
+## Preset
+
+STS presets are provided. It is value recommended by several hosts.
+
+- [OWASP](https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html)
+- [mozilla](https://infosec.mozilla.org/guidelines/web_security#http-strict-transport-security)
+
+```ts
+import { hsts, STS } from "https://deno.land/x/hsts_middleware@$VERSION/mod.ts";
+
+const middleware = hsts(STS);
+```
+
+yield:
+
+```http
+Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
+```
+
 ## Effects
@@ -104,0 +123,0 @@

script/deps.js

@@ -6,4 +6,4 @@ "use strict";
 exports.SecurityHeaders = exports.stringify = void 0;
-var mod_js_1 = require("./deps/deno.land/x/hsts_parser@1.0.0-beta.1/mod.js");
-Object.defineProperty(exports, "stringify", { enumerable: true, get: function () { return mod_js_1.stringify; } });
+var hsts_parser_1 = require("@httpland/hsts-parser");
+Object.defineProperty(exports, "stringify", { enumerable: true, get: function () { return hsts_parser_1.stringify; } });
 var SecurityHeaders;
@@ -10,0 +10,0 @@ (function (SecurityHeaders) {

script/mod.js

 "use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.hsts = void 0;
 // Copyright 2023-latest the httpland authors. All rights reserved. MIT license.
 // This module is browser compatible.
-require("./_dnt.polyfills.js");
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.STS = exports.hsts = void 0;
 var middleware_js_1 = require("./middleware.js");
 Object.defineProperty(exports, "hsts", { enumerable: true, get: function () { return middleware_js_1.hsts; } });
+var utils_js_1 = require("./utils.js");
+Object.defineProperty(exports, "STS", { enumerable: true, get: function () { return utils_js_1.STS; } });

types/deps.d.ts

@@ -1,5 +0,5 @@
-export { type Middleware } from "./deps/deno.land/x/http_middleware@1.0.0/mod.js";
-export { type StrictTransportSecurity, stringify, } from "./deps/deno.land/x/hsts_parser@1.0.0-beta.1/mod.js";
+export { type Middleware } from "@httpland/http-middleware";
+export { type StrictTransportSecurity, stringify, } from "@httpland/hsts-parser";
 export declare const enum SecurityHeaders {
     StrictTransportSecurity = "strict-transport-security"
 }

types/mod.d.ts

@@ -1,3 +0,3 @@
-import "./_dnt.polyfills.js";
 export { hsts } from "./middleware.js";
 export { type Middleware, type StrictTransportSecurity } from "./deps.js";
+export { STS } from "./utils.js";

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Number of lines in readme file

138

increased by15.97%

Worsened metrics

Total package byte prevSize

15128

decreased by-82.65%

Dependency count

2

increased byInfinity%

Number of package files

17

decreased by-71.19%

Lines of code

224

decreased by-89.15%

Number of medium supply chain risk alerts

1

increased byInfinity%

Dependency changes

• + Added@httpland/hsts-parser@1.0.0-beta.1

• + Added@httpland/http-middleware@1.0.0

• + Added@httpland/hsts-parser@1.0.0-beta.1(transitive)

• + Added@httpland/http-middleware@1.0.0(transitive)