🚀. Socket Launch Week Day 3:Socket Firewall Now Blocks Malicious VS Code and Open VSX Extensions.Learn more
Sign In

@superhuman/push-receiver

Package Overview
Dependencies
Maintainers
7
Versions
15
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@superhuman/push-receiver - npm Package Compare versions

Comparing version
1.1.11
 to
1.1.12
+1
-2
package.json
{
"name": "@superhuman/push-receiver",
"version": "1.1.11",
"version": "1.1.12",
"description": "A module to subscribe to GCM/FCM and receive notifications within a node process.",

@@ -48,3 +48,2 @@ "main": "src/index.js",

"dependencies": {
"electron-log": "^2.2.14",
"http_ece": "^1.0.5",

@@ -51,0 +50,0 @@ "long": "^3.2.0",

+8
-35
src/client.js

@@ -153,40 +153,13 @@ const EventEmitter = require('events');

} catch (error) {
// NOTE(ibash) we seem to be getting errors while decrypting. I want to
// know if these errors are recoverable, whether it's just a single
// notification that will fail or if it's all notifications going forward.
// So we keep track of whether we've just seen a failed notification and
// whether we get a notification that goes through after that.
// Put the object in _persistentIds so we ignore a failed notification next time
this._persistentIds.push(object.persistentId);
// For detecting whether we can recover after failing to decrypt
this._failedToDecrypt = {object: object, keys: this._credentials.keys}
error.metaData = {message: JSON.stringify(object), keys: JSON.stringify(this._credentials.keys)}
// throw in a setTimeout s.t. bugsnag can catch the error, but we don't
// want to break the connection
setTimeout(() => {
if (error.message.includes('Unsupported state or unable to authenticate data')) {
// NOTE(ibash) Periodically we're unable to decrypt notifications. In
// all cases we've been able to receive future notifications using the
// same keys. So, we sliently drop this notification.
this._persistentIds.push(object.persistentId);
return
} else {
throw error
}, 0)
return
}
}
// detect if we've recovered from a failed notification
if (this._failedToDecrypt && this._credentials.keys.privateKey == this._failedToDecrypt.keys.privateKey) {
let failedToDecrypt = this._failedToDecrypt
this._failedToDecrypt = null
let keys = this._credentials.keys
setTimeout(() => {
// HACK(ibash) this should really log somewhere instead but ... bugsnag
// is my log :D
let error = new Error('Recovered from failure to decrypt notification')
error.metaData = {
failed: {message: JSON.stringify(failedToDecrypt.object), keys: JSON.stringify(failedToDecrypt.keys)},
succeeded: {message: JSON.stringify(object), keys: JSON.stringify(keys)},
}
throw error
}, 0)
}
// Maintain persistentIds updated with the very last received value

@@ -193,0 +166,0 @@ this._persistentIds.push(object.persistentId);

+0
-5
src/fcm/index.js
const crypto = require('crypto');
const request = require('request-promise');
const log = require('electron-log');
const { escape } = require('../utils/base64');
log.transports.console.level = 'info';
log.transports.file.level = 'info';
const FCM_SUBSCRIBE = 'https://fcm.googleapis.com/fcm/connect/subscribe';

@@ -16,3 +12,2 @@ const FCM_ENDPOINT = 'https://fcm.googleapis.com/fcm/send';

const keys = await createKeys();
log.info('CREATED KEYS', keys)
const response = await request({

@@ -19,0 +14,0 @@ url : FCM_SUBSCRIBE,

+0
-4
yarn.lock

@@ -455,6 +455,2 @@ # THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.

electron-log@^2.2.14:
version "2.2.14"
resolved "https://registry.yarnpkg.com/electron-log/-/electron-log-2.2.14.tgz#2123319ccb8d70b0db07f0eda57d5823cb42b4b0"
escape-string-regexp@1.0.5, escape-string-regexp@^1.0.2, escape-string-regexp@^1.0.5:

@@ -461,0 +457,0 @@ version "1.0.5"

-5
test/keys.js
// Set a sender id and server key and save this under test/keys.js
module.exports = {
SENDER_ID: '623937673832',
SERVER_KEY: 'AIzaSyA_45LuC8i4h7SGcwrZfjAYtAc4wF3wJRA'
}