a127-magic - npm Package Compare versions

Comparing version 0.7.8 to 0.8.1

lib/middleware.js

@@ -27,2 +27,3 @@ /****************************************************************************
 var a127Config = require('./config');
+var CORS = require('cors');
 
@@ -67,3 +68,3 @@ module.exports = middleware;
 
-  return chain([
+  var middlewares = [
     swaggerTools.swaggerMetadata(magic.swaggerObject),
@@ -76,3 +77,10 @@ swaggerTools.swaggerSecurity(magic.volosAuth.swaggerSecurityHandlers),
     swaggerTools.swaggerRouter(routerConfig)
-  ]);
+  ];
+
+  // config options: https://www.npmjs.com/package/cors
+  if (startConfig.corsOptions) {
+    middlewares.unshift(CORS(startConfig.corsOptions));
+  }
+
+  return chain(middlewares);
 }
@@ -79,0 +87,0 @@

package.json

 {
   "name": "a127-magic",
-  "version": "0.7.8",
+  "version": "0.8.1",
   "description": "Apigee 127 Swagger Loader and Middleware",
@@ -19,2 +19,3 @@ "keywords": [
   "dependencies": {
+    "cors": "^2.5.3",
     "debug": "1.0.x",
@@ -35,4 +36,6 @@ "splitargs": "0.0.3",
   },
-  "scripts": {},
+  "scripts": {
+    "test": "mocha -u exports -R spec test"
+  },
   "bin": {}
 }

New alerts

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 4 instances in 1 package

Fixed alerts

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Improved metrics

Number of package files

36

increased by2.86%

Lines of code

681

increased by0.89%

Number of low supply chain risk alerts

18

decreased by-43.75%

Worsened metrics

Total package byte prevSize

99845

decreased by-1.05%

Dependency count

7

increased by16.67%

Dependency changes

• + Addedcors@^2.5.3

• + Addedcors@2.8.5(transitive)

• + Addedobject-assign@4.1.1(transitive)

• + Addedvary@1.1.2(transitive)