Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

@vgs/collect-js

Package Overview
Dependencies
Maintainers
6
Versions
9
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@vgs/collect-js - npm Package Compare versions

Comparing version 0.4.0 to 0.5.0

dist/utils/parseVersion.d.ts

55

dist/collect-js.cjs.development.js

@@ -7,2 +7,4 @@ 'use strict';

var Promise = _interopDefault(require('promise-polyfill'));
var setAsap = _interopDefault(require('setasap'));
var axios = _interopDefault(require('axios'));

@@ -29,4 +31,5 @@ var uuid = require('uuid');

var MAIN_SCRIPT_DOMAIN = "https://js.verygoodvault.com";
var BACKUP_SCRIPT_DOMAIN = "https://js.verygoodvault.com";
var MAIN_SCRIPT_DOMAIN = "https://js.verygoodvault.com"; // Loading script from Fastly CDN
var BACKUP_SCRIPT_DOMAIN = "https://js3.verygoodvault.com";
var VGS_COLLECT_KEEPER = "https://vgs-collect-keeper.apps.verygood.systems";

@@ -159,3 +162,3 @@ var SESSION_ID = /*#__PURE__*/uuid.v4();

target.append(elem);
target.appendChild(elem);
return elem;

@@ -171,2 +174,34 @@ };

var parseVersionString = function parseVersionString(version) {
var parts = version.split('.');
var major = parseInt(parts[0]) || 0;
var minor = parseInt(parts[1]) || 0;
var patch = parseInt(parts[2]) || 0;
return {
major: major,
minor: minor,
patch: patch
};
};
var isVersionGreater = function isVersionGreater(current, minimal) {
if (current === 'canary') return true;
var currentParsed = parseVersionString(current);
var minimalParsed = parseVersionString(minimal);
if (currentParsed.major !== minimalParsed.major) {
return currentParsed.major > minimalParsed.major;
}
if (currentParsed.minor !== minimalParsed.minor) {
return currentParsed.minor > minimalParsed.minor;
}
if (currentParsed.patch !== minimalParsed.patch) {
return currentParsed.patch > minimalParsed.patch;
}
return false;
};
var scriptURL = MAIN_SCRIPT_DOMAIN;

@@ -201,6 +236,12 @@

var collectPromise = new Promise(function (resolve, reject) {
scriptURL = loadMainCDN ? scriptURL : BACKUP_SCRIPT_DOMAIN;
var _getConfig2 = getConfig(),
version = _getConfig2.version;
if (scriptExists() && window.VGSCollect) {
resolve(window.VGSCollect);
} // Fastly fallback CDN is available starting Collect.js version 2.3.0
if (!loadMainCDN && isVersionGreater(version, '2.3.0')) {
scriptURL = BACKUP_SCRIPT_DOMAIN;
}

@@ -270,4 +311,6 @@

Promise._immediateFn = setAsap; // side effects
Promise.resolve().then(function () {
if (!window.VGSCollect) {
if (typeof window !== 'undefined' && !window.VGSCollect) {
// DNS lookup

@@ -303,3 +346,3 @@ preFetch(); // Establish connection to the server

return new Promise(function (resolve, reject) {
if (typeof window === undefined) {
if (typeof window === 'undefined') {
reject(ERROR_MESSAGE.IS_UNDEFINED('window'));

@@ -306,0 +349,0 @@ return;

2

dist/collect-js.cjs.production.min.js

@@ -1,2 +0,2 @@

"use strict";Object.defineProperty(exports,"__esModule",{value:!0});var t,n=(t=require("axios"))&&"object"==typeof t&&"default"in t?t.default:t;function e(){return(e=Object.assign||function(t){for(var n=1;n<arguments.length;n++){var e=arguments[n];for(var o in e)Object.prototype.hasOwnProperty.call(e,o)&&(t[o]=e[o])}return t}).apply(this,arguments)}var o=require("uuid").v4(),r={vaultId:"",environment:"sandbox",version:"canary"},i=function(t){return t+" is undefined."},c=r,s=function(){return c},u={vaultId:function(t){return"string"==typeof t&&/^tnt.{8}$/.test(t)},environment:function(t){return"string"==typeof t&&/^(sandbox|live)((-eu)-\d{1})?$/.test(t)},version:function(t){return"canary"===t||"string"==typeof t&&/^\d{1,2}\.\d{1,2}(\.\d{1,2})?$/.test(t)&&!t.startsWith("1.")}},l=function(t){throw new Error(t+" is required.")},a=function(t){(function(t){!function(t,n){if(t){var e=Object.keys(t).filter((function(e){return!t[e](n[e])})).map((function(t){return new Error(t+" is invalid.")}));if(e.length)throw e[0]}}(u,t)})(t),function(t){t&&(c=e({},t))}(t),d({type:"LoadedFromPackage"})},d=function(t){var r=s(),i="",c={env:r.environment,tnt:r.vaultId,userAgent:window.navigator.userAgent,version:r.version,timestamp:Date.now(),vgsCollectSessionId:o};try{i=window.btoa(JSON.stringify(e({},t,c)))}catch(t){return}n({method:"POST",url:"https://vgs-collect-keeper.apps.verygood.systems/vgs",data:i}).then((function(){return!0})).catch((function(){}))},v=function(t){var n=document.head||document.body;if(!n)throw new Error("Unable to find document.head or document.body");return n.append(t),t},f=function(t,n){var e=document.createElement("link");e.rel=t,e.href=n,v(e)},w="https://js.verygoodvault.com",p=function(t,n){window.VGSCollect.init=function(e){return void 0===e&&(e=function(){}),window.VGSCollect.create(t,n,e)}};Promise.resolve().then((function(){window.VGSCollect||(f("dns-prefetch","https://js.verygoodvault.com"),f("dns-prefetch","https://js.verygoodvault.com"),f("preconnect","https://js.verygoodvault.com"),f("preconnect","https://js.verygoodvault.com"))})),exports.loadVGSCollect=function(t){void 0===t&&(t=l("config"));var n=t,e=n.vaultId,c=void 0===e?l("vaultId"):e,u=n.environment,f=void 0===u?r.environment:u,m=n.version,g=void 0===m?r.version:m;return"canary"===g&&console.warn("Please explicitly set locked VGS Collect.js version before going live. Check out the changelog https://www.verygoodsecurity.com/docs/vgs-collect/js/changelog"),a({vaultId:c,environment:f,version:g}),new Promise((function(t,n){void 0!==typeof window?(window.VGSCollect&&(p(c,f),t(window.VGSCollect)),function t(n){return void 0===n&&(n=!0),new Promise((function(e,r){if(w=n?w:"https://js.verygoodvault.com",function(){try{return document.querySelectorAll('script[src^="'+w+'/vgs-collect/"]').length>0}catch(t){return!1}}()&&window.VGSCollect&&e(window.VGSCollect),!window.VGSCollect){var c=function(){var t=s(),n=t.vaultId,e=t.environment,r=t.version,i=document.createElement("script");return i.src=w+"/vgs-collect/"+r+"/vgs-collect.js?sessionId="+o+"&tenantId="+n+"&env="+e,v(i),i}();c&&(c.onload=function(){window.VGSCollect||(d({type:"InstanceUndefined",status:"OK",mainCDN:n}),r(i("VGS Collect"))),d({type:"ScriptLoad",status:"OK",mainCDN:n}),e(window.VGSCollect)},c.onerror=function(){d({type:"ScriptLoad",status:"Failed",mainCDN:n}),n?e(t(!1)):r("VGS Collect.js script was not loaded.")})}}))}().then((function(){p(c,f),t(window.VGSCollect)})).catch((function(t){n(t)}))):n(i("window"))}))};
"use strict";function t(t){return t&&"object"==typeof t&&"default"in t?t.default:t}Object.defineProperty(exports,"__esModule",{value:!0});var n=t(require("promise-polyfill")),e=t(require("setasap")),o=t(require("axios"));function r(){return(r=Object.assign||function(t){for(var n=1;n<arguments.length;n++){var e=arguments[n];for(var o in e)Object.prototype.hasOwnProperty.call(e,o)&&(t[o]=e[o])}return t}).apply(this,arguments)}var i=require("uuid").v4(),c={vaultId:"",environment:"sandbox",version:"canary"},a=function(t){return t+" is undefined."},u=c,s=function(){return u},l={vaultId:function(t){return"string"==typeof t&&/^tnt.{8}$/.test(t)},environment:function(t){return"string"==typeof t&&/^(sandbox|live)((-eu)-\d{1})?$/.test(t)},version:function(t){return"canary"===t||"string"==typeof t&&/^\d{1,2}\.\d{1,2}(\.\d{1,2})?$/.test(t)&&!t.startsWith("1.")}},d=function(t){throw new Error(t+" is required.")},v=function(t){(function(t){!function(t,n){if(t){var e=Object.keys(t).filter((function(e){return!t[e](n[e])})).map((function(t){return new Error(t+" is invalid.")}));if(e.length)throw e[0]}}(l,t)})(t),function(t){t&&(u=r({},t))}(t),f({type:"LoadedFromPackage"})},f=function(t){var n=s(),e="",c={env:n.environment,tnt:n.vaultId,userAgent:window.navigator.userAgent,version:n.version,timestamp:Date.now(),vgsCollectSessionId:i};try{e=window.btoa(JSON.stringify(r({},t,c)))}catch(t){return}o({method:"POST",url:"https://vgs-collect-keeper.apps.verygood.systems/vgs",data:e}).then((function(){return!0})).catch((function(){}))},p=function(t){var n=document.head||document.body;if(!n)throw new Error("Unable to find document.head or document.body");return n.appendChild(t),t},w=function(t,n){var e=document.createElement("link");e.rel=t,e.href=n,p(e)},m=function(t){var n=t.split(".");return{major:parseInt(n[0])||0,minor:parseInt(n[1])||0,patch:parseInt(n[2])||0}},h="https://js.verygoodvault.com",y=function(t,n){window.VGSCollect.init=function(e){return void 0===e&&(e=function(){}),window.VGSCollect.create(t,n,e)}};n._immediateFn=e,n.resolve().then((function(){"undefined"==typeof window||window.VGSCollect||(w("dns-prefetch","https://js.verygoodvault.com"),w("dns-prefetch","https://js3.verygoodvault.com"),w("preconnect","https://js.verygoodvault.com"),w("preconnect","https://js3.verygoodvault.com"))})),exports.loadVGSCollect=function(t){void 0===t&&(t=d("config"));var e=t,o=e.vaultId,r=void 0===o?d("vaultId"):o,u=e.environment,l=void 0===u?c.environment:u,w=e.version,g=void 0===w?c.version:w;return"canary"===g&&console.warn("Please explicitly set locked VGS Collect.js version before going live. Check out the changelog https://www.verygoodsecurity.com/docs/vgs-collect/js/changelog"),v({vaultId:r,environment:l,version:g}),new n((function(t,e){"undefined"!=typeof window?(window.VGSCollect&&(y(r,l),t(window.VGSCollect)),function t(e){return void 0===e&&(e=!0),new n((function(n,o){var r=s().version;if(function(){try{return document.querySelectorAll('script[src^="'+h+'/vgs-collect/"]').length>0}catch(t){return!1}}()&&window.VGSCollect&&n(window.VGSCollect),!e&&function(t,n){if("canary"===t)return!0;var e=m(t),o=m("2.3.0");return e.major!==o.major?e.major>o.major:e.minor!==o.minor?e.minor>o.minor:e.patch!==o.patch&&e.patch>o.patch}(r)&&(h="https://js3.verygoodvault.com"),!window.VGSCollect){var c=function(){var t=s(),n=t.vaultId,e=t.environment,o=t.version,r=document.createElement("script");return r.src=h+"/vgs-collect/"+o+"/vgs-collect.js?sessionId="+i+"&tenantId="+n+"&env="+e,p(r),r}();c&&(c.onload=function(){window.VGSCollect||(f({type:"InstanceUndefined",status:"OK",mainCDN:e}),o(a("VGS Collect"))),f({type:"ScriptLoad",status:"OK",mainCDN:e}),n(window.VGSCollect)},c.onerror=function(){f({type:"ScriptLoad",status:"Failed",mainCDN:e}),e?n(t(!1)):o("VGS Collect.js script was not loaded.")})}}))}().then((function(){y(r,l),t(window.VGSCollect)})).catch((function(t){e(t)}))):e(a("window"))}))};
//# sourceMappingURL=collect-js.cjs.production.min.js.map

@@ -0,1 +1,3 @@

import Promise from 'promise-polyfill';
import setAsap from 'setasap';
import axios from 'axios';

@@ -22,4 +24,5 @@ import { v4 } from 'uuid';

var MAIN_SCRIPT_DOMAIN = "https://js.verygoodvault.com";
var BACKUP_SCRIPT_DOMAIN = "https://js.verygoodvault.com";
var MAIN_SCRIPT_DOMAIN = "https://js.verygoodvault.com"; // Loading script from Fastly CDN
var BACKUP_SCRIPT_DOMAIN = "https://js3.verygoodvault.com";
var VGS_COLLECT_KEEPER = "https://vgs-collect-keeper.apps.verygood.systems";

@@ -152,3 +155,3 @@ var SESSION_ID = /*#__PURE__*/v4();

target.append(elem);
target.appendChild(elem);
return elem;

@@ -164,2 +167,34 @@ };

var parseVersionString = function parseVersionString(version) {
var parts = version.split('.');
var major = parseInt(parts[0]) || 0;
var minor = parseInt(parts[1]) || 0;
var patch = parseInt(parts[2]) || 0;
return {
major: major,
minor: minor,
patch: patch
};
};
var isVersionGreater = function isVersionGreater(current, minimal) {
if (current === 'canary') return true;
var currentParsed = parseVersionString(current);
var minimalParsed = parseVersionString(minimal);
if (currentParsed.major !== minimalParsed.major) {
return currentParsed.major > minimalParsed.major;
}
if (currentParsed.minor !== minimalParsed.minor) {
return currentParsed.minor > minimalParsed.minor;
}
if (currentParsed.patch !== minimalParsed.patch) {
return currentParsed.patch > minimalParsed.patch;
}
return false;
};
var scriptURL = MAIN_SCRIPT_DOMAIN;

@@ -194,6 +229,12 @@

var collectPromise = new Promise(function (resolve, reject) {
scriptURL = loadMainCDN ? scriptURL : BACKUP_SCRIPT_DOMAIN;
var _getConfig2 = getConfig(),
version = _getConfig2.version;
if (scriptExists() && window.VGSCollect) {
resolve(window.VGSCollect);
} // Fastly fallback CDN is available starting Collect.js version 2.3.0
if (!loadMainCDN && isVersionGreater(version, '2.3.0')) {
scriptURL = BACKUP_SCRIPT_DOMAIN;
}

@@ -263,4 +304,6 @@

Promise._immediateFn = setAsap; // side effects
Promise.resolve().then(function () {
if (!window.VGSCollect) {
if (typeof window !== 'undefined' && !window.VGSCollect) {
// DNS lookup

@@ -296,3 +339,3 @@ preFetch(); // Establish connection to the server

return new Promise(function (resolve, reject) {
if (typeof window === undefined) {
if (typeof window === 'undefined') {
reject(ERROR_MESSAGE.IS_UNDEFINED('window'));

@@ -299,0 +342,0 @@ return;

import { IConfig } from '../utils/IConfig';
declare const MAIN_SCRIPT_DOMAIN = "https://js.verygoodvault.com";
declare const BACKUP_SCRIPT_DOMAIN = "https://js.verygoodvault.com";
declare const BACKUP_SCRIPT_DOMAIN = "https://js3.verygoodvault.com";
declare const VGS_COLLECT_KEEPER = "https://vgs-collect-keeper.apps.verygood.systems";

@@ -5,0 +5,0 @@ declare const SESSION_ID: string;

{
"name": "@vgs/collect-js",
"version": "0.4.0",
"version": "0.5.0",
"description": "VGS Collect.js script loading module",

@@ -43,6 +43,10 @@ "license": "MIT",

"dependencies": {
"@types/promise-polyfill": "^6.0.4",
"@types/setasap": "^2.0.0",
"@types/uuid": "^8.3.0",
"axios": "^0.21.1",
"promise-polyfill": "8.2.0",
"setasap": "^2.0.1",
"uuid": "^8.3.2"
}
}

@@ -123,2 +123,10 @@ <p align="center">

## CSP directives
We strongly recommend to add the CSP to your application. Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross Site Scripting (XSS) and data injection attacks. Please create CSP directives for the following domains:
`connect-src https://js.verygoodvault.com https://js3.verygoodvault.com`
`frame-src https://js.verygoodvault.com https://js3.verygoodvault.com`
`script-src https://js.verygoodvault.com https://js3.verygoodvault.com`
## Examples

@@ -125,0 +133,0 @@

import { v4 as uuidv4 } from 'uuid';
import { IConfig } from '../utils/IConfig';
// Loading script from CloudFront CDN
const MAIN_SCRIPT_DOMAIN = `https://js.verygoodvault.com`;
const BACKUP_SCRIPT_DOMAIN = `https://js.verygoodvault.com`;
// Loading script from Fastly CDN
const BACKUP_SCRIPT_DOMAIN = `https://js3.verygoodvault.com`;
const VGS_COLLECT_KEEPER = `https://vgs-collect-keeper.apps.verygood.systems`;

@@ -7,0 +9,0 @@ const SESSION_ID = uuidv4();

@@ -0,1 +1,4 @@

import Promise from 'promise-polyfill';
import setAsap from 'setasap';
import { loadScript } from './utils/loadScript';

@@ -12,5 +15,7 @@ import { registerScriptLoading } from './utils/trackEvent';

Promise._immediateFn = setAsap;
// side effects
Promise.resolve().then(() => {
if (!window.VGSCollect) {
if (typeof window !== 'undefined' && !window.VGSCollect) {
// DNS lookup

@@ -37,3 +42,3 @@ preFetch();

return new Promise((resolve, reject) => {
if (typeof window === undefined) {
if (typeof window === 'undefined') {
reject(ERROR_MESSAGE.IS_UNDEFINED('window'));

@@ -40,0 +45,0 @@ return;

@@ -12,3 +12,3 @@ import { ERROR_MESSAGE } from '../constants';

target.append(elem);
target.appendChild(elem);
return elem;

@@ -15,0 +15,0 @@ };

@@ -0,1 +1,2 @@

import Promise from 'promise-polyfill';
import { trackEvent } from './trackEvent';

@@ -11,2 +12,3 @@ import { getConfig } from './config';

import { appendElement } from './appendElement';
import { isVersionGreater } from './parseVersion';

@@ -38,3 +40,3 @@ let scriptURL = MAIN_SCRIPT_DOMAIN;

const collectPromise = new Promise((resolve, reject) => {
scriptURL = loadMainCDN ? scriptURL : BACKUP_SCRIPT_DOMAIN;
const { version } = getConfig();

@@ -45,2 +47,7 @@ if (scriptExists() && window.VGSCollect) {

// Fastly fallback CDN is available starting Collect.js version 2.3.0
if (!loadMainCDN && isVersionGreater(version, '2.3.0')) {
scriptURL = BACKUP_SCRIPT_DOMAIN;
}
if (!window.VGSCollect) {

@@ -47,0 +54,0 @@ const script = appendScript();

Sorry, the diff of this file is not supported yet

Sorry, the diff of this file is not supported yet

Sorry, the diff of this file is not supported yet

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc