cachebust - npm Package Compare versions

Comparing version 1.1.0 to 2.0.0

lib/cachebust.js

@@ -12,54 +12,53 @@ /*
 
-var $ = require('cheerio'),
+var cheerio = require('cheerio'),
   MD5 = require('MD5'),
   fs = require('fs');
 
-exports.busted = function(fileContents, options) {
-  var self = this;
+function loadAttribute(content) {
+  if (content.name.toLowerCase() === 'link') {
+    return content.attribs.href;
+  }
 
-  options.basePath = options.basePath || "";
 
-  if (options.type === 'timestamp') {
-    self.timestamp = new Date().getTime();
+  if (content.name.toLowerCase() === 'script') {
+    return content.attribs.src;
   }
 
-  var protocolRegEx = /^http(s)?/,
-    scripts = $(fileContents).find('script'),
-    styles = $(fileContents).find('link[rel=stylesheet]'),
-    data;
+  throw "No content awaited in this step of process";
+}
 
- 
-  // Loop the stylesheet hrefs
-  for (var i = 0; i < styles.length; i++) {
-    var origHref = styles[i].attribs.href,
-      styleHref = styles[i].attribs.href.split("?")[0];
 
-    // Test for http(s) and don't cache bust if (assumed) served from CDN
-    if (!protocolRegEx.test(styleHref)) {
-      if (options.type === 'timestamp') {
-        fileContents = fileContents.replace(origHref, styleHref + '?t=' + self.timestamp);
-      } else {
-        data = fs.readFileSync(options.basePath + styleHref).toString();
-        fileContents = fileContents.replace(origHref, styleHref + '?v=' + MD5(data));
-      }
-    }
-  }
+exports.busted = function(fileContents, options) {
+  var self = this, $ = cheerio.load(fileContents);
 
-  // Loop the script srcs
-  for (var j = 0; j < scripts.length; j++) {
-    var origSrc =  scripts[j].attribs.src,
-      scriptSrc = scripts[j].attribs.src.split("?")[0];
+  self.MD5 = function(fileContents, originalAttrValue, options) {
+    var originalAttrValueWithoutCacheBusting = originalAttrValue.split("?")[0],
+        hash = MD5(fs.readFileSync(options.basePath + originalAttrValueWithoutCacheBusting).toString());
 
+    return fileContents.replace(originalAttrValue, originalAttrValueWithoutCacheBusting + '?v=' + hash);
+  };
+
+  self.timestamp = function(fileContents, originalAttrValue, options) {
+    var originalAttrValueWithoutCacheBusting = originalAttrValue.split("?")[0];
+    return fileContents.replace(originalAttrValue, originalAttrValueWithoutCacheBusting + '?t=' + options.currentTimestamp);
+  };
+
+  options = {
+    basePath : options.basePath || "",
+    type : options.type || "MD5",
+    currentTimestamp : new Date().getTime()
+  };
+
+  var protocolRegEx = /^http(s)?/, elements = $('script[src], link[rel=stylesheet][href]');
+
+  for (var i = 0, len = elements.length; i < len; i++) {
+    var originalAttrValue = loadAttribute(elements[i]);
+
     // Test for http(s) and don't cache bust if (assumed) served from CDN
-    if (!protocolRegEx.test(scriptSrc)) {
-      if (options.type === 'timestamp') {
-        fileContents = fileContents.replace(origSrc, scriptSrc + '?t=' + self.timestamp);
-      } else {
-        data = fs.readFileSync(options.basePath + scriptSrc).toString();
-        fileContents = fileContents.replace(origSrc, scriptSrc + '?v=' + MD5(data));
-      }
+    if (!protocolRegEx.test(originalAttrValue)) {
+      fileContents = self[options.type](fileContents, originalAttrValue, options);
     }
   }
- 
+
   return fileContents;
 };

package.json

 {
   "name": "cachebust",
-  "version": "1.1.0",
+  "version": "2.0.0",
   "main": "lib/cachebust.js",
@@ -27,4 +27,4 @@ "description": "Append a query string to your assets to bust that cache!",
   "dependencies": {
-    "MD5": "^1.2.1",
-    "cheerio": "^0.17.0"
+    "md5": "^2.0.0",
+    "cheerio": "^0.19.0"
   },
@@ -31,0 +31,0 @@ "devDependencies": {

test/fixtures/default_options.html

@@ -6,2 +6,3 @@ <!DOCTYPE html>
   <title>Index</title>
+  <link rel="stylesheet">Foo !</link>
   <link rel="stylesheet" href="styles/main.css" />
@@ -12,2 +13,5 @@ <link rel="stylesheet" href="http://cdn.com/styles/main.css" />
 <body>
+  <script type="text/javascript">
+    console.log("Bar !");
+  </script>
   <script src="scripts/moar.js"></script>
@@ -14,0 +18,0 @@ <script src="http://best-cdn-ever.com/scripts/evenMoar.js"></script>

New alerts

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Fixed alerts

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

9167

1.17%

Worsened metrics

Lines of code

171

-2.84%

Dependency changes

• + Added

  md5@^2.0.0

• + Added

  boolbase@1.0.0
  (transitive)

• + Added

  cheerio@0.19.0
  (transitive)

• + Added

  css-select@1.0.0
  (transitive)

• + Added

  css-what@1.0.0
  (transitive)

• + Added

  dom-serializer@0.1.1
  (transitive)

• + Added

  domelementtype@1.3.1
  (transitive)

• + Added

  domhandler@2.3.0
  (transitive)

• + Added

  htmlparser2@3.8.3
  (transitive)

• + Added

  is-buffer@1.1.6
  (transitive)

• + Added

  lodash@3.10.1
  (transitive)

• + Added

  md5@2.3.0
  (transitive)

• + Added

  nth-check@1.0.2
  (transitive)

• - Removed

  MD5@^1.2.1

• - Removed

  CSSselect@0.4.1
  (transitive)

• - Removed

  CSSwhat@0.4.7
  (transitive)

• - Removed

  MD5@1.3.0
  (transitive)

• - Removed

  cheerio@0.17.0
  (transitive)

• - Removed

  dom-serializer@0.0.1
  (transitive)

• - Removed

  domelementtype@1.1.3
  (transitive)

• - Removed

  domhandler@2.2.1
  (transitive)

• - Removed

  htmlparser2@3.7.3
  (transitive)

• - Removed

  lodash@2.4.2
  (transitive)

• Updated

  cheerio@^0.19.0