alexa-verifier
Advanced tools
alexa-verifier - npm Package Compare versions
Comparing version 0.4.0 to 0.5.0
@@ -1,7 +0,8 @@ | ||
| var request = require('request') | ||
| 'use strict' | ||
| var https = require('https') | ||
| // default in-memory cache for downloaded certificates | ||
| var globalCache = {} | ||
| var globalCache = {} // default in-memory cache for downloaded certificates | ||
| module.exports = function fetchCert(options, callback) { | ||
@@ -18,12 +19,25 @@ var url = options.url | ||
| request.get(url.href, function(er, response, body) { | ||
| var body = '' | ||
| https.get(url.href, function(response) { | ||
| var statusCode | ||
| if (response && 200 === response.statusCode) { | ||
| if (!response || 200 !== response.statusCode) { | ||
| statusCode = response ? response.statusCode : 0 | ||
| return callback('Failed to download certificate at: ' + url.href + '. Response code: ' + statusCode) | ||
| } | ||
| response.setEncoding('utf8') | ||
| response.on('data', function (chunk) { | ||
| body += chunk | ||
| }) | ||
| response.on('end', function () { | ||
| cache[url.href] = body | ||
| callback(undefined, body, servedFromCache) | ||
| } else { | ||
| statusCode = response ? response.statusCode : 0 | ||
| callback('Failed to download certificate at: ' + url.href + '. Response code: ' + statusCode + ', error: ' + er) | ||
| } | ||
| }) | ||
| }) | ||
| .on('error', function(er) { | ||
| console.error('balls2!', er) | ||
| callback('Failed to download certificate at: ' + url.href +'. Error: ' + er) | ||
| }) | ||
| } |
@@ -0,4 +1,5 @@ | ||
| 'use strict' | ||
| var crypto = require('crypto') | ||
| var fetchCert = require('./fetch-cert') | ||
| var request = require('request') | ||
| var url = require('url') | ||
@@ -5,0 +6,0 @@ var validateCert = require('./validate-cert') |
| { | ||
| "name": "alexa-verifier", | ||
| "version": "0.4.0", | ||
| "version": "0.5.0", | ||
| "description": "Verify HTTP requests sent to an Alexa skill are sent from Amazon", | ||
@@ -17,3 +17,2 @@ "main": "index.js", | ||
| "node-forge": "^0.7.0", | ||
| "request": "^2.67.0", | ||
| "validator": "^8.0.0" | ||
@@ -23,5 +22,5 @@ }, | ||
| "nock": "^9.0.2", | ||
| "sinon": "^3.2.1", | ||
| "tap": "^10.3.0", | ||
| "unroll": "^1.1.0", | ||
| "sinon": "^3.2.1" | ||
| "unroll": "1.4.0" | ||
| }, | ||
@@ -28,0 +27,0 @@ "engine": { |
@@ -0,1 +1,3 @@ | ||
| 'use strict' | ||
| var fetchCert = require('../fetch-cert') | ||
@@ -2,0 +4,0 @@ var nock = require('nock') |
@@ -0,1 +1,3 @@ | ||
| 'use strict' | ||
| var test = require('tap').test | ||
@@ -2,0 +4,0 @@ var url = require('url') |
@@ -0,1 +1,3 @@ | ||
| 'use strict' | ||
| var test = require('tap').test | ||
@@ -2,0 +4,0 @@ var unroll = require('unroll') |
@@ -0,1 +1,3 @@ | ||
| 'use strict' | ||
| var fs = require('fs') | ||
@@ -2,0 +4,0 @@ var pki = require('node-forge').pki |
@@ -0,1 +1,3 @@ | ||
| 'use strict' | ||
| // constants | ||
@@ -2,0 +4,0 @@ var VALID_CERT_HOSTNAME = 's3.amazonaws.com' |
@@ -0,1 +1,3 @@ | ||
| 'use strict' | ||
| var pki = require('node-forge').pki | ||
@@ -2,0 +4,0 @@ |
Sorry, the diff of this file is not supported yet
New alerts
Network access
Supply chain riskThis module accesses the network.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by0.99%
33082
- Dependency count
- decreased by-33.33%
2
- Lines of code
- increased by3.07%
537
Worsened metrics
- Number of medium supply chain risk alerts
- increased byInfinity%
1
Dependency changes
- Removedrequest@^2.67.0
- Removedajv@6.12.6(transitive)
- Removedasn1@0.2.6(transitive)
- Removedassert-plus@1.0.0(transitive)
- Removedasynckit@0.4.0(transitive)
- Removedaws-sign2@0.7.0(transitive)
- Removedaws4@1.13.2(transitive)
- Removedbcrypt-pbkdf@1.0.2(transitive)
- Removedcaseless@0.12.0(transitive)
- Removedcombined-stream@1.0.8(transitive)
- Removedcore-util-is@1.0.2(transitive)
- Removeddashdash@1.14.1(transitive)
- Removeddelayed-stream@1.0.0(transitive)
- Removedecc-jsbn@0.1.2(transitive)
- Removedextend@3.0.2(transitive)
- Removedextsprintf@1.3.0(transitive)
- Removedfast-deep-equal@3.1.3(transitive)
- Removedfast-json-stable-stringify@2.1.0(transitive)
- Removedforever-agent@0.6.1(transitive)
- Removedform-data@2.3.3(transitive)
- Removedgetpass@0.1.7(transitive)
- Removedhar-schema@2.0.0(transitive)
- Removedhar-validator@5.1.5(transitive)
- Removedhttp-signature@1.2.0(transitive)
- Removedis-typedarray@1.0.0(transitive)
- Removedisstream@0.1.2(transitive)
- Removedjsbn@0.1.1(transitive)
- Removedjson-schema@0.4.0(transitive)
- Removedjson-schema-traverse@0.4.1(transitive)
- Removedjson-stringify-safe@5.0.1(transitive)
- Removedjsprim@1.4.2(transitive)
- Removedmime-db@1.52.0(transitive)
- Removedmime-types@2.1.35(transitive)
- Removedoauth-sign@0.9.0(transitive)
- Removedperformance-now@2.1.0(transitive)
- Removedpsl@1.15.0(transitive)
- Removedpunycode@2.3.1(transitive)
- Removedqs@6.5.3(transitive)
- Removedrequest@2.88.2(transitive)
- Removedsafe-buffer@5.2.1(transitive)
- Removedsafer-buffer@2.1.2(transitive)
- Removedsshpk@1.18.0(transitive)
- Removedtough-cookie@2.5.0(transitive)
- Removedtunnel-agent@0.6.0(transitive)
- Removedtweetnacl@0.14.5(transitive)
- Removeduri-js@4.4.1(transitive)
- Removeduuid@3.4.0(transitive)
- Removedverror@1.10.0(transitive)