connect - npm Package Compare versions

Comparing version 2.28.3 to 2.29.0

History.md

@@ -0,1 +1,50 @@
+2.29.0 / 2015-02-17
+===================
+
+  * Use `content-type` to parse `Content-Type` headers
+  * deps: body-parser@~1.12.0
+    - add `debug` messages
+    - accept a function for the `type` option
+    - make internal `extended: true` depth limit infinity
+    - use `content-type` to parse `Content-Type` headers
+    - deps: iconv-lite@0.4.7
+    - deps: raw-body@1.3.3
+    - deps: type-is@~1.6.0
+  * deps: compression@~1.4.1
+    - Prefer `gzip` over `deflate` on the server
+    - deps: accepts@~1.2.4
+  * deps: connect-timeout@~1.6.0
+    - deps: http-errors@~1.3.1
+  * deps: cookie-parser@~1.3.4
+    - deps: cookie-signature@1.0.6
+  * deps: cookie-signature@1.0.6
+  * deps: csurf@~1.7.0
+    - Accept `CSRF-Token` and `XSRF-Token` request headers
+    - Default `cookie.path` to `'/'`, if using cookies
+    - deps: cookie-signature@1.0.6
+    - deps: csrf@~2.0.6
+    - deps: http-errors@~1.3.1
+  * deps: errorhandler@~1.3.4
+    - deps: accepts@~1.2.4
+  * deps: express-session@~1.10.3
+    - deps: cookie-signature@1.0.6
+    - deps: uid-safe@1.1.0
+  * deps: http-errors@~1.3.1
+    - Construct errors using defined constructors from `createError`
+    - Fix error names that are not identifiers
+    - Set a meaningful `name` property on constructed errors
+  * deps: response-time@~2.3.0
+    - Add function argument to support recording of response time
+  * deps: serve-index@~1.6.2
+    - deps: accepts@~1.2.4
+    - deps: http-errors@~1.3.1
+    - deps: mime-types@~2.0.9
+  * deps: serve-static@~1.9.1
+    - deps: send@0.12.1
+  * deps: type-is@~1.6.0
+    - fix argument reassignment
+    - fix false-positives in `hasBody` `Transfer-Encoding` check
+    - support wildcard for both type and subtype (`*/*`)
+    - deps: mime-types@~2.0.9
+
 2.28.3 / 2015-01-31
@@ -2,0 +51,0 @@ ===================

lib/utils.js

@@ -6,2 +6,3 @@
  * Copyright(c) 2011 TJ Holowaychuk
+ * Copyright(c) 2014-2015 Douglas Christopher Wilson
  * MIT Licensed
@@ -15,2 +16,3 @@ */
 var bytes = require('bytes');
+var contentType = require('content-type');
 var cookieParser = require('cookie-parser');
@@ -26,3 +28,2 @@ var createError = require('http-errors');
   , nodeVersion = process.versions.node.split('.');
-var typer = require('media-typer');
 var merge = require('utils-merge');
@@ -400,6 +401,6 @@
 
-exports.setCharset = function(type, charset){
+exports.setCharset = function setCharset(type, charset) {
   if (!type || !charset) return type;
 
-  var parsed = typer.parse(type);
+  var parsed = contentType.parse(type);
   var exists = parsed.parameters.charset;
@@ -415,5 +416,5 @@
 
-  return typer.format(parsed);
+  return contentType.format(parsed);
 };
 
 function noop() {}

package.json

 {
   "name": "connect",
   "description": "High performance middleware framework",
-  "version": "2.28.3",
+  "version": "2.29.0",
   "author": "TJ Holowaychuk <tj@vision-media.ca> (http://tjholowaychuk.com)",
@@ -21,18 +21,18 @@ "contributors": [
     "basic-auth-connect": "1.0.0",
-    "body-parser": "~1.10.2",
+    "body-parser": "~1.12.0",
     "bytes": "1.0.0",
     "cookie": "0.1.2",
-    "cookie-parser": "~1.3.3",
-    "cookie-signature": "1.0.5",
-    "compression": "~1.3.1",
-    "connect-timeout": "~1.5.0",
-    "csurf": "~1.6.6",
+    "cookie-parser": "~1.3.4",
+    "cookie-signature": "1.0.6",
+    "compression": "~1.4.1",
+    "connect-timeout": "~1.6.0",
+    "content-type": "~1.0.1",
+    "csurf": "~1.7.0",
     "debug": "~2.1.1",
     "depd": "~1.0.0",
-    "errorhandler": "~1.3.3",
-    "express-session": "~1.10.2",
+    "errorhandler": "~1.3.4",
+    "express-session": "~1.10.3",
     "finalhandler": "0.3.3",
     "fresh": "0.2.4",
-    "http-errors": "~1.2.8",
-    "media-typer": "0.3.0",
+    "http-errors": "~1.3.1",
     "method-override": "~2.3.1",
@@ -44,7 +44,7 @@ "morgan": "~1.5.1",
     "qs": "2.3.3",
-    "response-time": "~2.2.0",
+    "response-time": "~2.3.0",
     "serve-favicon": "~2.2.0",
-    "serve-index": "~1.6.1",
-    "serve-static": "~1.8.1",
-    "type-is": "~1.5.6",
+    "serve-index": "~1.6.2",
+    "serve-static": "~1.9.1",
+    "type-is": "~1.6.0",
     "utils-merge": "1.0.0",
@@ -58,6 +58,12 @@ "vhost": "~3.0.0",
     "mocha": "~2.1.0",
-    "should": "~4.6.2"
+    "should": "~5.0.0"
   },
   "license": "MIT",
-  "main": "index",
+  "files": [
+    "lib/",
+    "LICENSE",
+    "History.md",
+    "Readme.md",
+    "index.js"
+  ],
   "engines": {
@@ -64,0 +70,0 @@ "node": ">= 0.8.0"

Readme.md

@@ -7,3 +7,3 @@ # Connect
 [![Test Coverage][coveralls-image]][coveralls-url]
-[![Gittip][gittip-image]][gittip-url]
+[![Gratipay][gratipay-image]][gratipay-url]
 
@@ -80,7 +80,4 @@ Connect is an extensible HTTP server framework for [node](http://nodejs.org), providing high performance "plugins" known as _middleware_.
 
-  Connect `2.x` is compatible with node 0.8.x
+  Connect `2.x` is compatible with node 0.8.x, 0.10.x, and 0.12.x
 
-
-  Connect `3.x` is compatible with node 0.10.x
-
 ## License
@@ -90,11 +87,11 @@
 
-[npm-image]: https://img.shields.io/npm/v/connect.svg?style=flat
+[npm-image]: https://img.shields.io/npm/v/connect.svg
 [npm-url]: https://npmjs.org/package/connect
-[travis-image]: https://img.shields.io/travis/senchalabs/connect.svg?style=flat
+[travis-image]: https://img.shields.io/travis/senchalabs/connect/master.svg
 [travis-url]: https://travis-ci.org/senchalabs/connect
-[coveralls-image]: https://img.shields.io/coveralls/senchalabs/connect.svg?style=flat
+[coveralls-image]: https://img.shields.io/coveralls/senchalabs/connect/master.svg
 [coveralls-url]: https://coveralls.io/r/senchalabs/connect
-[downloads-image]: https://img.shields.io/npm/dm/connect.svg?style=flat
+[downloads-image]: https://img.shields.io/npm/dm/connect.svg
 [downloads-url]: https://npmjs.org/package/connect
-[gittip-image]: https://img.shields.io/gittip/dougwilson.svg?style=flat
-[gittip-url]: https://www.gittip.com/dougwilson/
+[gratipay-image]: https://img.shields.io/gratipay/dougwilson.svg
+[gratipay-url]: https://www.gratipay.com/dougwilson/

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Number of low supply chain risk alerts

4

decreased by-33.33%

Number of medium supply chain risk alerts

5

decreased by-58.33%

Worsened metrics

Total package byte prevSize

123241

decreased by-31.38%

Number of package files

34

decreased by-42.37%

Lines of code

1938

decreased by-25.17%

Number of lines in readme file

95

decreased by-3.06%

Dependency changes

• + Addedcontent-type@~1.0.1

• + Addedbody-parser@1.12.4(transitive)

• + Addedbytes@2.1.0(transitive)

• + Addedcompression@1.4.4(transitive)

• + Addedconnect-timeout@1.6.2(transitive)

• + Addedcontent-type@1.0.5(transitive)

• + Addedcsurf@1.7.0(transitive)

• + Addeddepd@1.1.2(transitive)

• + Addediconv-lite@0.4.8(transitive)

• + Addedmime@1.3.4(transitive)

• + Addedqs@2.4.2(transitive)

• + Addedraw-body@2.0.2(transitive)

• + Addedresponse-time@2.3.2(transitive)

• + Addedsend@0.12.3(transitive)

• + Addedserve-static@1.9.3(transitive)

• + Addedtype-is@1.6.18(transitive)

• - Removedmedia-typer@0.3.0

• - Removedbody-parser@1.10.2(transitive)

• - Removedcompression@1.3.1(transitive)

• - Removedconnect-timeout@1.5.0(transitive)

• - Removedcookie-signature@1.0.5(transitive)

• - Removedcsurf@1.6.6(transitive)

• - Removedetag@1.5.1(transitive)

• - Removedhttp-errors@1.2.8(transitive)

• - Removediconv-lite@0.4.6(transitive)

• - Removedmime@1.2.11(transitive)

• - Removedraw-body@1.3.2(transitive)

• - Removedresponse-time@2.2.0(transitive)

• - Removedsend@0.11.1(transitive)

• - Removedserve-static@1.8.1(transitive)

• - Removedtype-is@1.5.7(transitive)

• Updatedbody-parser@~1.12.0

• Updatedcompression@~1.4.1

• Updatedconnect-timeout@~1.6.0

• Updatedcookie-parser@~1.3.4

• Updatedcookie-signature@1.0.6

• Updatedcsurf@~1.7.0

• Updatederrorhandler@~1.3.4

• Updatedexpress-session@~1.10.3

• Updatedhttp-errors@~1.3.1

• Updatedresponse-time@~2.3.0

• Updatedserve-index@~1.6.2

• Updatedserve-static@~1.9.1

• Updatedtype-is@~1.6.0