curl-to-postmanv2 - npm Package Compare versions

Comparing version 1.1.1 to 1.1.2

CHANGELOG.md

 # cURL to Postman Importer Changelog
+#### v1.1.2 (January 10, 2023)
+* Changed regex to check for prefix space in url with query parameters for given curl string
+
 #### v1.1.1 (June 2, 2022)
@@ -3,0 +6,0 @@ * Updated how error was handled in case of malformed URL.

package.json

 {
   "name": "curl-to-postmanv2",
-  "version": "1.1.1",
+  "version": "1.1.2",
   "description": "Convert a given CURL command to a Postman request",
@@ -5,0 +5,0 @@ "main": "index.js",

src/lib.js

@@ -478,8 +478,5 @@ const commander = require('commander'),
 
-        // [Github #8843] - RegEx to fix malformed cURLs with unquoted multi-param URLs
-        const multiParamUrlRegEx = /([^'` "\n]+)\.([^ \n]+)&((?!["'])[^ "`'\n])+($|(?=\s))/gm;
-
-        var cleanedCurlString = curlString.replace(multiParamUrlRegEx, `'${curlString.match(multiParamUrlRegEx)}'`),
-          sanitizedArgs = this.sanitizeArgs(cleanedCurlString),
-          curlObj = program.parse(sanitizedArgs),
+        var cleanedCurlString = curlString,
+          sanitizedArgs,
+          curlObj,
           request = {},
@@ -496,2 +493,22 @@ basicAuthParts,
 
+        try {
+          sanitizedArgs = this.sanitizeArgs(cleanedCurlString);
+          curlObj = program.parse(sanitizedArgs);
+        }
+        catch (e) {
+          // [Github #8843] - RegEx to fix malformed cURLs with unquoted multi-param URLs
+          const multiParamUrlRegEx = /\s([^'` "\n]+)\.([^ \n]+)&((?!["'])[^ "`'\n])+($|(?=\s))/gm;
+          let matchedStrings = curlString.match(multiParamUrlRegEx),
+            matchedString = '',
+            prefixString = '';
+
+          if (matchedStrings && matchedStrings.length > 0) {
+            prefixString = matchedStrings[0].slice(0, 1);
+            matchedString = matchedStrings[0].slice(1);
+          }
+          cleanedCurlString = curlString.replace(multiParamUrlRegEx, `${prefixString}'${matchedString}'`);
+          sanitizedArgs = this.sanitizeArgs(cleanedCurlString);
+          curlObj = program.parse(sanitizedArgs);
+        }
+
         this.headerPairs = {};
@@ -498,0 +515,0 @@

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

96403

increased by45.11%

Number of package files

22

increased by15.79%

Lines of code

1136

increased by3.56%

Worsened metrics

Number of low supply chain risk alerts

2

increased by100%

Number of medium supply chain risk alerts

1

increased byInfinity%

No dependency changes