@lbu/server
Advanced tools
@lbu/server - npm Package Compare versions
Comparing version 0.0.91 to 0.0.92
| { | ||
| "name": "@lbu/server", | ||
| "version": "0.0.91", | ||
| "version": "0.0.92", | ||
| "description": "Koa server and common middleware", | ||
@@ -19,4 +19,4 @@ "main": "./index.js", | ||
| "dependencies": { | ||
| "@lbu/insight": "0.0.91", | ||
| "@lbu/stdlib": "0.0.91", | ||
| "@lbu/insight": "0.0.92", | ||
| "@lbu/stdlib": "0.0.92", | ||
| "formidable": "2.0.0-canary.20200504.1", | ||
@@ -49,3 +49,3 @@ "keygrip": "1.1.0", | ||
| }, | ||
| "gitHead": "241012842c62b2eb255e9a503da837e32bbef548" | ||
| "gitHead": "68be0c5c1f7177797820b1cf2ef061542004dfd3" | ||
| } |
@@ -1,2 +0,2 @@ | ||
| import { isStaging } from "@lbu/stdlib"; | ||
| import { environment, isStaging } from "@lbu/stdlib"; | ||
@@ -65,7 +65,7 @@ /* | ||
| } else if ( | ||
| process.env.CORS_URL !== undefined && | ||
| process.env.CORS_URL.length > 0 | ||
| environment.CORS_URL !== undefined && | ||
| environment.CORS_URL.length > 0 | ||
| ) { | ||
| // Use CORS_URL array provided via environment variables | ||
| const allowedOrigins = (process.env.CORS_URL || "").split(","); | ||
| const allowedOrigins = (environment.CORS_URL || "").split(","); | ||
| const localhostRegex = /^http:\/\/localhost:\d{1,6}$/gi; | ||
@@ -72,0 +72,0 @@ |
@@ -1,2 +0,2 @@ | ||
| import { isNil, isProduction, merge, uuid } from "@lbu/stdlib"; | ||
| import { environment, isNil, isProduction, merge, uuid } from "@lbu/stdlib"; | ||
| import KeyGrip from "keygrip"; | ||
@@ -20,7 +20,7 @@ import koaSession from "koa-session"; | ||
| { | ||
| key: `${process.env.APP_NAME.toLowerCase()}.sess`, | ||
| key: `${environment.APP_NAME.toLowerCase()}.sess`, | ||
| maxAge: 6 * 24 * 60 * 60 * 1000, | ||
| renew: true, | ||
| secure: isProduction(), | ||
| domain: !isProduction() ? undefined : process.env.COOKIE_URL, | ||
| domain: !isProduction() ? undefined : environment.COOKIE_URL, | ||
| sameSite: "lax", | ||
@@ -48,10 +48,10 @@ overwrite: true, | ||
| if (!isProduction()) { | ||
| return [process.env.APP_NAME]; | ||
| return [environment.APP_NAME]; | ||
| } | ||
| if (isNil(process.env.APP_KEYS) || process.env.APP_KEYS.length < 20) { | ||
| if (isNil(environment.APP_KEYS) || environment.APP_KEYS.length < 20) { | ||
| throw new Error("Missing APP_KEYS in environment or generate a longer key"); | ||
| } | ||
| const keys = process.env.APP_KEYS.split(","); | ||
| const keys = environment.APP_KEYS.split(","); | ||
| return new KeyGrip(keys, "sha256"); | ||
@@ -58,0 +58,0 @@ } |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 4 instances in 1 package
Improved metrics
- Total package byte prevSize
- increased by0.04%
57839
- Number of low supply chain risk alerts
- decreased by-100%
0
Dependency changes
+ Added@lbu/insight@0.0.92(transitive)
+ Added@lbu/stdlib@0.0.92(transitive)
+ Added@types/node@14.14.6(transitive)
+ Addedes-object-atoms@1.0.1(transitive)
+ Addedqs@6.13.1(transitive)
- Removed@lbu/insight@0.0.91(transitive)
- Removed@lbu/stdlib@0.0.91(transitive)
- Removed@types/node@14.14.5(transitive)
- Removedes-object-atoms@1.1.1(transitive)
- Removedqs@6.14.0(transitive)
Updated@lbu/insight@0.0.92
Updated@lbu/stdlib@0.0.92