@omisego/omg-js-childchain - npm Package Compare versions

Comparing version 3.1.0-0.4.6 to 4.0.0-0.4.7

package.json

 {
   "name": "@omisego/omg-js-childchain",
-  "version": "3.1.0-0.4.6",
+  "version": "4.0.0-0.4.7",
   "description": "Module to interact with OMG ChildChain",
@@ -11,8 +11,11 @@ "keywords": [
   "main": "src/childchain.js",
+  "scripts": {
+    "audit-check": "audit-ci --moderate"
+  },
   "author": "OmiseGo",
   "contributors": [
-    "Pong Cheecharern <pong@omise.co>",
-    "Kevin Sullivan <kevinsul@omise.co>",
-    "Jarindr Thitadilaka <jarindr@omisego.co>",
-    "Nicholas Mueller <nicholas@omisego.co>"
+    "Pong Cheecharern <@Pongch>",
+    "Kevin Sullivan <@kevsul>",
+    "Jarindr Thitadilaka <@jarindr>",
+    "Nicholas Mueller <@nicholasmueller>"
   ],
@@ -29,8 +32,8 @@ "license": "Apache-2.0",
     "@hapi/joi": "^16.1.8",
-    "@omisego/omg-js-util": "3.1.0-0.4.6",
+    "@omisego/omg-js-util": "4.0.0-0.4.7",
+    "axios": "^0.19.2",
     "bn.js": "^5.0.0",
     "debug": "^4.0.1",
+    "https-proxy-agent": "^5.0.0",
     "omg-json-bigint": "^1.0.0",
-    "request": "^2.88.0",
-    "request-promise-native": "^1.0.7",
     "rlp": "^2.1.0",
@@ -42,3 +45,7 @@ "web3-utils": "^1.2.5"
   },
-  "gitHead": "9f652f8a3f6ae0cc8915b1268503631d97e8edfb"
+  "devDependencies": {
+    "audit-ci": "^2.5.1",
+    "axios-mock-adapter": "^1.18.1"
+  },
+  "gitHead": "f0b774ab1acdc4a0df6489c81cd03604c18f396d"
 }

src/childchain.js

@@ -45,12 +45,14 @@ /*
   *
-  * @param {Object} config the rootchain configuration object
+  * @param {Object} config the childchain configuration object
   * @param {string} config.watcherUrl the url of the watcher server (running in security-critical and informational mode)
   * @param {string} [config.watcherProxyUrl] *optional* the proxy url for requests made to the watcher server
+  * @param {string} config.plasmaContractAddress the address of the PlasmaFramework contract
   * @return {ChildChain} a ChildChain Object
   *
   */
-  constructor ({ watcherUrl, watcherProxyUrl }) {
-    Joi.assert({ watcherUrl, watcherProxyUrl }, childchainConstructorSchema)
+  constructor ({ watcherUrl, watcherProxyUrl, plasmaContractAddress }) {
+    Joi.assert({ watcherUrl, watcherProxyUrl, plasmaContractAddress }, childchainConstructorSchema)
     this.watcherUrl = watcherUrl
     this.watcherProxyUrl = watcherProxyUrl
+    this.plasmaContractAddress = plasmaContractAddress
   }
@@ -291,3 +293,2 @@
    * @param {string} [args.metadata] the metadata to include in the transaction
-   * @param {string} args.verifyingContract address of the RootChain contract
    * @return {Promise<Object>} promise that resolves with the submitted transaction
@@ -301,4 +302,3 @@ */
     fee,
-    metadata,
-    verifyingContract
+    metadata
   }) {
@@ -311,4 +311,3 @@ Joi.assert({
       fee,
-      metadata,
-      verifyingContract
+      metadata
     }, sendTransactionSchema)
@@ -327,3 +326,3 @@
     })
-    const typedData = transaction.getTypedData(txBody, verifyingContract)
+    const typedData = transaction.getTypedData(txBody, this.plasmaContractAddress)
     const signatures = this.signTransaction(typedData, fromPrivateKeys)
@@ -340,3 +339,2 @@ const signedTx = this.buildSignedTransaction(typedData, signatures)
    * @param {UTXO[]} args.utxos a utxo array
-   * @param {string} args.verifyingContract address of the RootChain contract
    * @param {string} args.privateKey private key of the owner's utxo
@@ -348,3 +346,2 @@ * @return {Promise<Object>} promise that resolves with the submitted merge transaction
     privateKey,
-    verifyingContract,
     metadata = transaction.NULL_METADATA
@@ -355,3 +352,2 @@ }) {
       privateKey,
-      verifyingContract,
       metadata
@@ -367,3 +363,3 @@ }, mergeUtxosSchema)
 
-    const typedData = transaction.getTypedData(txBody, verifyingContract)
+    const typedData = transaction.getTypedData(txBody, this.plasmaContractAddress)
     const signatures = this.signTransaction(typedData, new Array(utxos.length).fill(privateKey))
@@ -370,0 +366,0 @@ const signedTx = this.buildSignedTransaction(typedData, signatures)

src/rpc/rpcApi.js

@@ -16,6 +16,6 @@ /*
 
-const request = require('request-promise-native')
+const axios = require('axios')
 const debug = require('debug')('omg.childchain.rpc')
 const JSONBigNumber = require('omg-json-bigint')
-
+const HttpsProxyAgent = require('https-proxy-agent')
 class RpcError extends Error {
@@ -27,3 +27,11 @@ constructor ({ code, description, messages }) {
 }
+// function to override default behavior of axios, so it doesn't use native JSON.parse
+function getTransformResponse () {
+  return [(data) => data]
+}
 
+function getHttpsProxyAgent (proxyUrl) {
+  return proxyUrl ? new HttpsProxyAgent({ host: proxyUrl, rejectUnauthorized: false }) : undefined
+}
+
 async function get ({ url, proxyUrl }) {
@@ -33,7 +41,8 @@ try {
       method: 'GET',
-      uri: url,
-      ...proxyUrl && { proxy: proxyUrl, rejectUnauthorized: false }
+      url: url,
+      transformResponse: getTransformResponse(),
+      httpsAgent: getHttpsProxyAgent(proxyUrl)
     }
 
-    const res = await request.get(options)
+    const res = await axios.request(options)
     return parseResponse(res)
@@ -48,12 +57,12 @@ } catch (err) {
   body.id = body.id || 0
-
   try {
     const options = {
       method: 'POST',
-      uri: url,
+      url: url,
       headers: { 'Content-Type': 'application/json' },
-      body: JSONBigNumber.stringify(body),
-      ...proxyUrl && { proxy: proxyUrl, rejectUnauthorized: false }
+      data: JSONBigNumber.stringify(body),
+      transformResponse: getTransformResponse(),
+      httpsAgent: getHttpsProxyAgent(proxyUrl)
     }
-    const res = await request.post(options)
+    const res = await axios.request(options)
     return parseResponse(res)
@@ -66,16 +75,16 @@ } catch (err) {
 async function parseResponse (res) {
-  let json
+  let data
   try {
     // Need to use a JSON parser capable of handling uint256
-    json = JSONBigNumber.parse(res)
+    data = JSONBigNumber.parse(res.data)
   } catch (err) {
     throw new Error(`Unable to parse response from server: ${err}`)
   }
-  debug(`rpc response is ${JSON.stringify(json)}`)
+  debug(`rpc response is ${JSON.stringify(data)}`)
 
-  if (json.success) {
-    return json.data
+  if (data.success) {
+    return data.data
   }
 
-  throw new RpcError(json.data)
+  throw new RpcError(data.data)
 }
@@ -82,0 +91,0 @@

src/validators/index.js

@@ -13,3 +13,4 @@ const Joi = require('@hapi/joi')
   watcherUrl: Joi.string().required(),
-  watcherProxyUrl: Joi.string().allow('')
+  watcherProxyUrl: Joi.string().allow(''),
+  plasmaContractAddress: validateAddress.required()
 })
@@ -77,4 +78,3 @@
   fee: validateFee.required(),
-  metadata: validateMetadata,
-  verifyingContract: validateAddress.required()
+  metadata: validateMetadata
 })
@@ -95,3 +95,2 @@
   privateKey: Joi.string().required(),
-  verifyingContract: validateAddress.required(),
   metadata: validateMetadata
@@ -98,0 +97,0 @@ })

test/getBalanceTest.js

@@ -19,3 +19,3 @@ /*
 const ChildChain = require('../src/childchain')
-const nock = require('nock')
+const mockAx = require('./mock')
 
@@ -26,2 +26,3 @@ chai.use(chaiAsPromised)
 const watcherUrl = 'http://omg-watcher'
+const plasmaContractAddress = '0xE009136B58a8B2eEb80cfa18aD2Ea6D389d3A375'
 
@@ -36,7 +37,5 @@ describe('getBalance', function () {
 
-    nock(watcherUrl)
-      .post('/account.get_balance', { address, jsonrpc: '2.0', id: 0 })
-      .reply(200, { success: true, data: expectedObject })
+    mockAx.onPost(`${watcherUrl}/account.get_balance`, { address, jsonrpc: '2.0', id: 0 }).reply(200, JSON.stringify({ success: true, data: expectedObject }))
 
-    const childChain = new ChildChain({ watcherUrl })
+    const childChain = new ChildChain({ watcherUrl, plasmaContractAddress })
     const result = await childChain.getBalance(address)
@@ -56,9 +55,6 @@ assert(Array.isArray(result))
 
-    nock(watcherUrl)
-      .post('/account.get_balance', { address, jsonrpc: '2.0', id: 0 })
-      .reply(200, { success: false, data: errorObject })
-
-    const childChain = new ChildChain({ watcherUrl })
+    mockAx.onPost(`${watcherUrl}/account.get_balance`, { address, jsonrpc: '2.0', id: 0 }).reply(200, JSON.stringify({ success: false, data: errorObject }))
+    const childChain = new ChildChain({ watcherUrl, plasmaContractAddress })
     return assert.isRejected(childChain.getBalance(address), Error, errorObject.description)
   })
 })

test/getUtxotest.js

@@ -22,3 +22,3 @@ /*
 const ChildChain = require('../src/childchain')
-const nock = require('nock')
+const mockAx = require('./mock')
 
@@ -29,2 +29,3 @@ chai.use(chaiAsPromised)
 const watcherUrl = 'http://omg-watcher'
+const plasmaContractAddress = '0xE009136B58a8B2eEb80cfa18aD2Ea6D389d3A375'
 
@@ -36,7 +37,5 @@ describe('getUtxo', () => {
 
-    nock(watcherUrl)
-      .post('/account.get_utxos', { address, jsonrpc: '2.0', id: 0 })
-      .reply(200, { success: true, data: expectedObject })
+    mockAx.onPost(`${watcherUrl}/account.get_utxos`, { address, jsonrpc: '2.0', id: 0 }).reply(200, JSON.stringify({ success: true, data: expectedObject }))
 
-    const childChain = new ChildChain({ watcherUrl })
+    const childChain = new ChildChain({ watcherUrl, plasmaContractAddress })
     const returnUtxo = await childChain.getUtxos(address)
@@ -53,9 +52,7 @@ assert.deepEqual(expectedObject, returnUtxo)
 
-    nock(watcherUrl)
-      .post('/account.get_utxos', { address, jsonrpc: '2.0', id: 0 })
-      .reply(200, { success: false, data: errorObject })
+    mockAx.onPost(`${watcherUrl}/account.get_utxos`, { address, jsonrpc: '2.0', id: 0 }).reply(200, JSON.stringify({ success: false, data: errorObject }))
 
-    const childChain = new ChildChain({ watcherUrl })
+    const childChain = new ChildChain({ watcherUrl, plasmaContractAddress })
     return assert.isRejected(childChain.getUtxos(address), Error, errorObject.description)
   })
 })

test/rpcApiTest.js

@@ -18,3 +18,3 @@ /*
 const chaiAsPromised = require('chai-as-promised')
-const rp = require('request-promise-native')
+const ax = require('axios')
 const sinon = require('sinon')
@@ -29,21 +29,18 @@
 const proxyUrl = 'http://omg-proxy'
+const plasmaContractAddress = '0xE009136B58a8B2eEb80cfa18aD2Ea6D389d3A375'
 
 describe('rpcApi test', function () {
   before(function () {
-    sinon.stub(rp, 'get').resolves(
-      JSON.stringify({
-        success: true,
-        data: 'foobar'
-      })
+    sinon.stub(ax, 'request').resolves(
+      {
+        status: 200,
+        data: JSON.stringify({
+          success: true,
+          data: 'foobar'
+        })
+      }
     )
-    sinon.stub(rp, 'post').resolves(
-      JSON.stringify({
-        success: true,
-        data: 'foobar'
-      })
-    )
   })
   after(function () {
-    rp.post.restore()
-    rp.get.restore()
+    ax.request.restore()
   })
@@ -58,11 +55,15 @@ it('should call body post as string', async function () {
       method: 'POST',
-      uri: 'http://omg-watcher',
+      url: 'http://omg-watcher',
       headers: { 'Content-Type': 'application/json' },
-      body: JSON.stringify({
+      data: JSON.stringify({
         test: 'object should call string',
         jsonrpc: '2.0',
         id: 0
-      })
+      }),
+      transformResponse: sinon.match.array
     }
-    sinon.assert.calledWith(rp.post, expectedCall)
+
+    sinon.assert.calledWith(
+      ax.request,
+      sinon.match(expectedCall))
   })
@@ -75,5 +76,7 @@
       method: 'GET',
-      uri: 'http://omg-watcher'
+      url: 'http://omg-watcher',
+      transformResponse: sinon.match.array,
+      httpsAgent: undefined
     }
-    sinon.assert.calledWith(rp.get, expectedCall)
+    sinon.assert.calledWith(ax.request, expectedCall)
   })
@@ -88,8 +91,10 @@
       method: 'POST',
-      uri: watcherUrl,
+      url: watcherUrl,
       headers: { 'Content-Type': 'application/json' },
-      body: JSON.stringify({ id: 10, foo: 'bar', jsonrpc: '2.0' })
+      data: JSON.stringify({ id: 10, foo: 'bar', jsonrpc: '2.0' }),
+      transformResponse: sinon.match.array,
+      httpsAgent: undefined
     }
     assert.equal(res, 'foobar')
-    sinon.assert.calledWith(rp.post, expectedCall)
+    sinon.assert.calledWith(ax.request, expectedCall)
   })
@@ -100,11 +105,14 @@ })
   before(function () {
-    sinon.stub(rp, 'post').resolves(
-      JSON.stringify({
-        success: true,
-        data: 'foobar'
-      })
+    sinon.stub(ax, 'request').resolves(
+      {
+        status: 200,
+        data: JSON.stringify({
+          success: true,
+          data: 'foobar'
+        })
+      }
     )
   })
   after(function () {
-    rp.post.restore()
+    ax.request.restore()
   })
@@ -115,3 +123,4 @@
       watcherUrl,
-      watcherProxyUrl: proxyUrl
+      watcherProxyUrl: proxyUrl,
+      plasmaContractAddress
     })
@@ -121,24 +130,26 @@ const res = await childchainWithProxy.getTransaction('0x123')
       method: 'POST',
-      uri: `${watcherUrl}/transaction.get`,
+      url: `${watcherUrl}/transaction.get`,
       headers: { 'Content-Type': 'application/json' },
-      body: JSON.stringify({ id: '0x123', jsonrpc: '2.0' }),
-      proxy: proxyUrl,
-      rejectUnauthorized: false
+      data: JSON.stringify({ id: '0x123', jsonrpc: '2.0' }),
+      transformResponse: sinon.match.array,
+      httpsAgent: sinon.match.object
     }
     assert.equal(res, 'foobar')
-    sinon.assert.calledWith(rp.post, expectedCall)
+    sinon.assert.calledWith(ax.request, expectedCall)
   })
 
   it('childchain should not pass proxy url if it doesnt exist', async function () {
-    const childchainNoProxy = new ChildChain({ watcherUrl })
+    const childchainNoProxy = new ChildChain({ watcherUrl, plasmaContractAddress })
     const res = await childchainNoProxy.getTransaction('0xabc')
     const expectedCall = {
       method: 'POST',
-      uri: `${watcherUrl}/transaction.get`,
+      url: `${watcherUrl}/transaction.get`,
       headers: { 'Content-Type': 'application/json' },
-      body: JSON.stringify({ id: '0xabc', jsonrpc: '2.0' })
+      data: JSON.stringify({ id: '0xabc', jsonrpc: '2.0' }),
+      transformResponse: sinon.match.array,
+      httpsAgent: undefined
     }
     assert.equal(res, 'foobar')
-    sinon.assert.calledWith(rp.post, expectedCall)
+    sinon.assert.calledWith(ax.request, expectedCall)
   })
 })

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Network access

Supply chain risk

This module accesses the network.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

43997

increased by2.93%

Number of package files

11

increased by10%

Lines of code

929

increased by1.42%

Worsened metrics

Dev dependency count

2

increased byInfinity%

Number of medium supply chain risk alerts

1

increased byInfinity%

Dependency changes

• + Addedaxios@^0.19.2

• + Addedhttps-proxy-agent@^5.0.0

• + Added@omisego/omg-js-util@4.0.0-0.4.7(transitive)

• + Addedagent-base@6.0.2(transitive)

• + Addedaxios@0.19.2(transitive)

• + Addedfollow-redirects@1.5.10(transitive)

• + Addedhttps-proxy-agent@5.0.1(transitive)

• - Removedrequest@^2.88.0

• - Removedrequest-promise-native@^1.0.7

• - Removed@omisego/omg-js-util@3.1.0-0.4.6(transitive)

• - Removedajv@6.12.6(transitive)

• - Removedasn1@0.2.6(transitive)

• - Removedassert-plus@1.0.0(transitive)

• - Removedasynckit@0.4.0(transitive)

• - Removedaws-sign2@0.7.0(transitive)

• - Removedaws4@1.13.2(transitive)

• - Removedbcrypt-pbkdf@1.0.2(transitive)

• - Removedcaseless@0.12.0(transitive)

• - Removedcombined-stream@1.0.8(transitive)

• - Removedcore-util-is@1.0.2(transitive)

• - Removeddashdash@1.14.1(transitive)

• - Removeddelayed-stream@1.0.0(transitive)

• - Removedecc-jsbn@0.1.2(transitive)

• - Removedextend@3.0.2(transitive)

• - Removedextsprintf@1.3.0(transitive)

• - Removedfast-deep-equal@3.1.3(transitive)

• - Removedfast-json-stable-stringify@2.1.0(transitive)

• - Removedforever-agent@0.6.1(transitive)

• - Removedform-data@2.3.3(transitive)

• - Removedgetpass@0.1.7(transitive)

• - Removedhar-schema@2.0.0(transitive)

• - Removedhar-validator@5.1.5(transitive)

• - Removedhttp-signature@1.2.0(transitive)

• - Removedis-typedarray@1.0.0(transitive)

• - Removedisstream@0.1.2(transitive)

• - Removedjsbn@0.1.1(transitive)

• - Removedjson-schema@0.4.0(transitive)

• - Removedjson-schema-traverse@0.4.1(transitive)

• - Removedjson-stringify-safe@5.0.1(transitive)

• - Removedjsprim@1.4.2(transitive)

• - Removedmime-db@1.52.0(transitive)

• - Removedmime-types@2.1.35(transitive)

• - Removedoauth-sign@0.9.0(transitive)

• - Removedperformance-now@2.1.0(transitive)

• - Removedpsl@1.15.0(transitive)

• - Removedpunycode@2.3.1(transitive)

• - Removedqs@6.5.3(transitive)

• - Removedrequest@2.88.2(transitive)

• - Removedrequest-promise-core@1.1.4(transitive)

• - Removedrequest-promise-native@1.0.9(transitive)

• - Removedsafer-buffer@2.1.2(transitive)

• - Removedsshpk@1.18.0(transitive)

• - Removedstealthy-require@1.1.1(transitive)

• - Removedtough-cookie@2.5.0(transitive)

• - Removedtunnel-agent@0.6.0(transitive)

• - Removedtweetnacl@0.14.5(transitive)

• - Removeduri-js@4.4.1(transitive)

• - Removeduuid@3.4.0(transitive)

• - Removedverror@1.10.0(transitive)

• Updated@omisego/omg-js-util@4.0.0-0.4.7