@trayio/threadneedle - npm Package Compare versions

Comparing version 1.0.23 to 1.0.24

lib/addMethod/index.js

@@ -5,2 +5,3 @@ var when               = require('when');
 var setParam           = require('mout/queryString/setParam');
+var guid               = require('mout/random/guid');
 var logger             = require('../logger');
@@ -84,2 +85,5 @@ var globalize          = require('./globalize');
         var options = globalize.object.call(threadneedle, 'options', config, params);
+        if (config.fileHandler === true) {
+          params.temp_file = '/tmp/'+guid();
+        }
 
@@ -147,3 +151,4 @@ // Post/put/delete data
 
-              // If valid, then all good!
+              // We're valid!
+
               resolve({
@@ -150,0 +155,0 @@ body: body,

package.json

 {
   "name": "@trayio/threadneedle",
-  "version": "1.0.23",
+  "version": "1.0.24",
   "description": "A framework for simplifying working with HTTP-based APIs.",
@@ -5,0 +5,0 @@ "main": "lib/index.js",

README.md

@@ -306,3 +306,3 @@ # threadneedle
   expects: 200,
-  afterSuccess: function (body) {
+  afterSuccess: function (body, params, res) {
     body.name = body.first_name + ' ' + body.last_name;
@@ -326,3 +326,3 @@
   expects: 200,
-  afterFailure: function (err) {
+  afterFailure: function (err, params) {
     if (err.response.statusCode === 403) {
@@ -553,3 +553,3 @@ err.code = 'oauth_refresh';
 {
-  afterSuccess: function (body) {
+  afterSuccess: function (body, params, res) {
     body.errors = [];
@@ -577,3 +577,3 @@
 {
-  afterFailure: function (err) {
+  afterFailure: function (err, params) {
     if (err.response.statusCode === 429) {
@@ -580,0 +580,0 @@ err.code = 'call_limit_exceeded';

tests/addMethod_test.js

@@ -6,2 +6,3 @@ var assert       = require('assert');
 var when         = require('when');
+var fs           = require('fs');
 var randString   = require('mout/random/randString');
@@ -601,3 +602,37 @@ var globalize    = require('../lib/addMethod/globalize');
 
+    it('should add a {{temp_file}} parameter when `fileHandler` is true', function (done) {
+      var name = randString(10);
+      threadneedle.addMethod(name, {
+        method: 'get',
+        url: host + '/' + name,
+        fileHandler: true,
+        data: {
+          firstName: '{{firstName}}'
+        },
+        afterSuccess: function (body, params) {
+          assert(params.temp_file);
+          assert.equal(params.temp_file.indexOf('/tmp/'), 0);
+          assert.equal(params.temp_file.length, 41);
+        }
+      });
 
+      app.get('/'+name, function (req, res) {
+        var filePath = __dirname+'/sample-file.png';
+        var stat = fs.statSync(filePath);
+        res.writeHead(200, {
+          'Content-Type': 'image/png',
+          'Content-Length': stat.size
+        });
+        var readStream = fs.createReadStream(filePath);
+        readStream.pipe(res);
+      });
+
+      threadneedle[name]({
+        firstName: 'Chris'
+      }).done(function(body) {
+        done();
+      })
+    });
+
+
   });
@@ -604,0 +639,0 @@

New alerts

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

94795

increased by7.16%

Number of package files

35

increased by2.94%

Lines of code

2408

increased by1.52%

Worsened metrics

Number of low supply chain risk alerts

2

increased by100%

No dependency changes