bitfinex-api-node - npm Package Compare versions

Comparing version 5.0.0 to 5.0.1

lib/ws2_manager.js

@@ -204,6 +204,7 @@ 'use strict'
     if (_isFinite(dms)) this._authArgs.dms = dms
+    if (apiKey) this._authArgs.apiKey = apiKey
+    if (apiSecret) this._authArgs.apiSecret = apiSecret
 
     this._sockets.forEach(s => {
       if (!s.ws.isAuthenticated()) {
-        s.ws.setAPICredentials(apiKey, apiSecret)
         s.ws.updateAuthArgs(this._authArgs)
@@ -210,0 +211,0 @@ s.ws.auth()

package.json

 {
   "name": "bitfinex-api-node",
-  "version": "5.0.0",
+  "version": "5.0.1",
   "description": "Node reference library for Bitfinex API",
@@ -5,0 +5,0 @@ "engines": {

test/index.js

@@ -108,5 +108,5 @@ /* eslint-env mocha */
       assert.strictEqual(ws1._apiKey, 'k')
-      assert.strictEqual(ws2._apiKey, 'k')
+      assert.strictEqual(ws2._authArgs.apiKey, 'k')
       assert.strictEqual(ws1._apiSecret, 's')
-      assert.strictEqual(ws2._apiSecret, 's')
+      assert.strictEqual(ws2._authArgs.apiSecret, 's')
       assert.strictEqual(ws1._url, 'wss://')
@@ -113,0 +113,0 @@ assert.strictEqual(ws2._url, 'wss://')

test/lib/ws2_manager.js

@@ -192,4 +192,3 @@ /* eslint-env mocha */
           isAuthenticated: () => false,
-          setAPICredentials: (key, secret) => { cred = `${key}:${secret}` },
-          updateAuthArgs: () => {},
+          updateAuthArgs: ({ apiKey: key, apiSecret: secret }) => { cred = `${key}:${secret}` },
           auth: () => {
@@ -289,4 +288,4 @@ assert.strictEqual(cred, '41:42')
       ws.auth = async () => {
-        assert.strictEqual(ws._apiKey, 'key', 'api key not set')
-        assert.strictEqual(ws._apiSecret, 'secret', 'api secret not set')
+        assert.strictEqual(ws._authArgs.apiKey, 'key', 'api key not set')
+        assert.strictEqual(ws._authArgs.apiSecret, 'secret', 'api secret not set')
 
@@ -293,0 +292,0 @@ await ws.close()

New alerts

Network access

Supply chain risk

This module accesses the network.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 9 instances in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

URL strings

Supply chain risk

Package contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.

Found 1 instance in 1 package

Fixed alerts

Network access

Supply chain risk

This module accesses the network.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 9 instances in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

URL strings

Supply chain risk

Package contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

2236986

0.02%

Lines of code

9077

0.11%

Number of medium supply chain risk alerts

5

-16.67%

No dependency changes