@octokit/request - npm Package Compare versions

Comparing version 2.3.0 to 2.4.0

lib/http-error.js

@@ -20,4 +20,17 @@ module.exports = class HttpError extends Error {
     this.headers = headers
-    this.request = request
+
+    // redact request credentials without mutating original request options
+    const requestCopy = Object.assign({}, request)
+    if (request.headers.authorization) {
+      requestCopy.headers = Object.assign({}, request.headers, {
+        authorization: request.headers.authorization.replace(/ .*$/, ' [REDACTED]')
+      })
+    }
+
+    // client_id & client_secret can be passed as URL query parameters to increase rate limit
+    // see https://developer.github.com/v3/#increasing-the-unauthenticated-rate-limit-for-oauth-applications
+    requestCopy.url = requestCopy.url.replace(/\bclient_secret=\w+/g, 'client_secret=[REDACTED]')
+
+    this.request = requestCopy
   }
 }

lib/request.js

 module.exports = request
 
 const isPlainObject = require('is-plain-object')
+const nodeFetch = require('node-fetch').default
 
-const mockable = require('./fetch')
 const getBuffer = require('./get-buffer-response')
@@ -18,3 +18,5 @@ const HttpError = require('./http-error')
 
-  return mockable.fetch(requestOptions.url, Object.assign({
+  const fetch = (requestOptions.request && requestOptions.request.fetch) || nodeFetch
+
+  return fetch(requestOptions.url, Object.assign({
     method: requestOptions.method,
@@ -30,3 +32,3 @@ body: requestOptions.body,
 
-      for (const keyAndValue of response.headers.entries()) {
+      for (const keyAndValue of response.headers) {
         headers[keyAndValue[0]] = keyAndValue[1]
@@ -49,3 +51,2 @@ }
       if (status === 304) {
-        requestOptions.url = response.headers.location
         throw new HttpError('Not modified', status, headers, requestOptions)
@@ -52,0 +53,0 @@ }

package.json

 {
   "name": "@octokit/request",
-  "version": "2.3.0",
+  "version": "2.4.0",
   "publishConfig": {
@@ -51,3 +51,3 @@ "access": "public"
     "mkdirp": "^0.5.1",
-    "mocha": "^5.2.0",
+    "mocha": "^6.0.0",
     "npm-run-all": "^4.1.3",
@@ -54,0 +54,0 @@ "nyc": "^13.1.0",

README.md

@@ -22,2 +22,3 @@ # request.js
 
+- [Features](#features)
 - [Usage](#usage)
@@ -39,2 +40,26 @@ * [Node](#node)
 
+## Features
+
+🤩 1:1 mapping of REST API endpoint documentation, e.g. [Add labels to an issue](https://developer.github.com/v3/issues/labels/#add-labels-to-an-issue) becomes
+
+  ```js
+  request('POST /repos/:owner/:repo/issues/:number/labels', {
+    headers: {
+      accept: 'application/vnd.github.symmetra-preview+json'
+    },
+    labels: ['🐛 bug']
+  })
+  ```
+👍 Sensible defaults
+
+- `baseUrl`: `https://api.github.com`
+- `headers.accept`: `application/vnd.github.v3+json`
+- `headers.agent`: `octokit-request.js/<current version> <OS information>`, e.g. `octokit-request.js/1.2.3 Node.js/10.15.0 (macOS Mojave; x64)`
+
+👌 Simple to test: mock requests by passing a custom fetch method.
+
+🧐 Simple to debug: Sets `error.request` to request options causing the error (with redacted credentials).  
+
+👶 Small bundle size (\<5kb minified + gzipped)
+
 ## Usage
@@ -204,14 +229,47 @@
     <th align=left>
-      <code>options.request</code>
+      <code>options.request.agent</code>
     </th>
     <td>
-      Object
+      <a href="https://nodejs.org/api/http.html#http_class_http_agent">http(s).Agent</a> instance
     </td>
     <td>
-     Pass <a href="https://github.com/bitinn/node-fetch#options">node-fetch extensions options</a>, such as <code>agent</code> or <code>timeout</code>. All other `options.request.*` keys will be ignored.
+     Node only. Useful for custom proxy, certificate, or dns lookup.
     </td>
   </tr>
+  <tr>
+    <th align=left>
+      <code>options.request.fetch</code>
+    </th>
+    <td>
+      Function
+    </td>
+    <td>
+     Custom replacement for <a href="https://github.com/bitinn/node-fetch">built-in fetch method</a>. Useful for testing or request hooks.
+    </td>
+  </tr>
+  <tr>
+    <th align=left>
+      <a name="options-request-signal"></a><code>options.request.signal</code>
+    </th>
+    <td>
+      <a href="https://github.com/bitinn/node-fetch/tree/e996bdab73baf996cf2dbf25643c8fe2698c3249#request-cancellation-with-abortsignal">new AbortController().signal</a>
+    </td>
+    <td>
+      Use an <code>AbortController</code> instance to cancel a request. In node you can only cancel streamed requests.
+    </td>
+  </tr>
+  <tr>
+    <th align=left>
+      <code>options.request.timeout</code>
+    </th>
+    <td>
+      Number
+    </td>
+    <td>
+     Node only. Request/response timeout in ms, it resets on redirect. 0 to disable (OS limit applies). <a href="#options-request-signal">options.request.signal</a> is recommended instead.
+    </td>
+  </tr>
 </table>
 
-All other options will passed depending on the `method` and `url` options.
+All other options except `options.request.*` will be passed depending on the `method` and `url` options.
 
@@ -383,6 +441,4 @@ 1. If the option key is a placeholder in the `url`, it will be used as replacement. For example, if the passed options are `{url: '/orgs/:org/repos', org: 'foo'}` the returned `options.url` is `https://api.github.com/orgs/foo/repos`
 
-
-
 ## LICENSE
 
 [MIT](LICENSE)

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Network access

Supply chain risk

This module accesses the network.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

21470

increased by12.99%

Lines of code

133

increased by6.4%

Number of lines in readme file

441

increased by14.55%

Worsened metrics

Number of package files

9

decreased by-10%

Number of medium supply chain risk alerts

1

increased byInfinity%

No dependency changes