atlassian-jwt - npm Package Compare versions

Comparing version 1.0.1 to 1.0.2

dist/lib/jwt.js

@@ -24,3 +24,3 @@ "use strict";
  */
-var crypto = __importStar(require("crypto"));
+var crypto_1 = require("crypto");
 var _ = __importStar(require("lodash"));
@@ -178,4 +178,3 @@ var jsuri_1 = __importDefault(require("jsuri"));
 function createQueryStringHash(req, checkBodyForParams, baseUrl) {
-    return crypto
-        .createHash(algorithmMap.HS256)
+    return crypto_1.createHash(algorithmMap.HS256)
         .update(createCanonicalRequest(req, checkBodyForParams, baseUrl))
@@ -189,7 +188,7 @@ .digest('hex');
 function sign(input, key, method) {
-    var base64str = crypto.createHmac(method, key).update(input).digest('base64');
+    var base64str = crypto_1.createHmac(method, key).update(input).digest('base64');
     return base64urlEscape(base64str);
 }
 function base64urlDecode(str) {
-    return new Buffer(base64urlUnescape(str), 'base64').toString();
+    return Buffer.from(base64urlUnescape(str), 'base64').toString();
 }
@@ -201,3 +200,3 @@ function base64urlUnescape(str) {
 function base64urlEncode(str) {
-    return base64urlEscape(new Buffer(str).toString('base64'));
+    return base64urlEscape(Buffer.from(str).toString('base64'));
 }
@@ -204,0 +203,0 @@ function base64urlEscape(str) {

package.json

 {
   "name": "atlassian-jwt",
   "description": "JWT (JSON Web Token) implementation with custom Atlassian QSH claim verification",
-  "version": "1.0.1",
+  "version": "1.0.2",
   "author": "Seb Ruiz <sruiz@atlassian.com>",
@@ -21,3 +21,3 @@ "repository": {
     "@types/qs": "^6.5.1",
-    "mocha": "^3.0.2",
+    "mocha": "^5.2.0",
     "moment": "^2.14.1",
@@ -24,0 +24,0 @@ "qs": "^6.2.1",

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Improved metrics

Number of medium supply chain risk alerts

0

decreased by-100%

Worsened metrics

Total package byte prevSize

18298

decreased by-0.08%

Lines of code

337

decreased by-0.3%

No dependency changes