dnslint - npm Package Compare versions

Comparing version 1.1.23 to 1.1.24

dnslint.json

 {
   "$schema": "./src/schema/dnslint.schema.json#",
   "aws": {
-    "enabled": true
+    "enabled": false
   },
@@ -6,0 +6,0 @@ "domains": [

package.json

 {
   "name": "dnslint",
-  "version": "1.1.23",
+  "version": "1.1.24",
   "description": "XYO Internal Domain Tool",
   "main": "src/index.js",
   "scripts": {
+    "install": "yarn build",
     "pretest": "yarn install",
@@ -32,2 +33,3 @@ "test": "yarn tslint --config tslint.json src/*",
     "dotenv-expand": "^5.0.0",
+    "html-validator": "^4.0.0",
     "load-json-file": "^5.2.0",
@@ -34,0 +36,0 @@ "lodash": "^4.17.11",

src/config/record.ts

@@ -8,2 +8,3 @@ import { DomainConfig } from "./domain"
   public timeout?: number
+  public html?: boolean
 
@@ -10,0 +11,0 @@ public reverseDNS?: {

src/index.ts

@@ -52,3 +52,3 @@ import { AWS } from './aws'
     } else {
-      console.error(chalk.red(`Total Errors Found: ${result.errorCount}`))
+      console.error(chalk.yellow(`Total Errors Found: ${result.errorCount}`))
     }
@@ -55,0 +55,0 @@ return result

src/validator/record/index.ts

 import { BaseValidator } from '../base'
-import { Config } from '../../config'
 import { Dns } from '../../dns'
@@ -9,3 +8,3 @@ import http, { IncomingMessage } from 'http'
 import assert from 'assert'
-import { inspect } from 'util'
+import htmlValidator from 'html-validator'
 export class RecordValidator extends BaseValidator {
@@ -85,2 +84,10 @@
 
+  protected async validateHtml(data: string) {
+    const results = await htmlValidator({
+      data,
+      format: 'json'
+    })
+    return results.messages
+  }
+
   protected async checkHttp(value: any) {
@@ -95,3 +102,4 @@ const timeout = this.config.timeout || 1000
       assert(value !== undefined)
-      result = await this.getHttpResponse(value, this.name, timeout, false)
+      const response = await this.getHttpResponse(value, this.name, timeout, false)
+      result = response.result
       await this.validateHeaders(this.config.http.headers, result.headers)
@@ -102,3 +110,15 @@ this.http.push(result)
         this.addError("http", `Unexpected Response Code: ${result.statusCode} [Expected: ${expectedCode}]`)
+      } else {
+        if (this.config.html) {
+          if (result.statusCode === 200) {
+            const results = await this.validateHtml(response.rawData)
+            if (results && results.length > 0) {
+              for (const item of results) {
+                this.addError("html", item)
+              }
+            }
+          }
+        }
       }
+      result.data = undefined
       console.log(chalk.gray(`http[${timeout}]: ${value}: ${result.statusCode}`))
@@ -121,3 +141,4 @@ } catch (ex) {
       assert(value !== undefined)
-      result = await this.getHttpResponse(value, this.name, timeout, true)
+      const response = await this.getHttpResponse(value, this.name, timeout, true)
+      result = response.result
       await this.validateHeaders(this.config.https.headers, result.headers)
@@ -128,2 +149,13 @@ this.https.push(result)
         this.addError("https", `Unexpected Response Code: ${result.statusCode} [Expected: ${expectedCode}]`)
+      } else {
+        if (result.statusCode === 200) {
+          if (this.config.html) {
+            const results = await this.validateHtml(response.rawData)
+            if (results && results.length > 0) {
+              for (const item of results) {
+                this.addError("html", item)
+              }
+            }
+          }
+        }
       }
@@ -211,11 +243,12 @@ console.log(chalk.gray(`https[${timeout}]: ${value}: ${result.statusCode}`))
     const startTime = Date.now()
-    let bytesRead = 0
+    let rawData = ''
     let result: any = {}
     return new Promise<any>((resolve, reject) => {
       try {
+        const bytes = new Buffer(1)
         const req = func.get(`${prefix}://${ip}`, { hostname, timeout }, (res) => {
           result = this.sanitizeResponse(res, Date.now() - startTime)
           result.port = res.socket.remotePort
-          res.on('data', (data) => {
-            bytesRead += data.length
+          res.on('data', (chunk) => {
+            rawData += chunk
           })
@@ -225,4 +258,4 @@ }).on('error', (e) => {
         }).on('close', () => {
-          result.bytesRead = bytesRead
-          resolve(result)
+          result.bytesRead = rawData.length
+          resolve({ result, rawData })
         }).setTimeout(timeout, () => {
@@ -229,0 +262,0 @@ reject(`Timeout [${this.name}]: ${timeout}`)

New alerts

Install scripts

Supply chain risk

Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

50843

increased by2.23%

Number of downloads

11

increased by266.67%

Number of package files

32

increased by3.23%

Lines of code

1538

increased by2.19%

Worsened metrics

Dependency count

11

increased by10%

Number of high supply chain risk alerts

1

increased byInfinity%

Dependency changes

• + Addedhtml-validator@^4.0.0

• + Addedasn1@0.2.6(transitive)

• + Addedassert-plus@1.0.0(transitive)

• + Addedasynckit@0.4.0(transitive)

• + Addedaws-sign2@0.7.0(transitive)

• + Addedaws4@1.13.2(transitive)

• + Addedbcrypt-pbkdf@1.0.2(transitive)

• + Addedcaseless@0.12.0(transitive)

• + Addedcombined-stream@1.0.8(transitive)

• + Addedcore-util-is@1.0.2(transitive)

• + Addeddashdash@1.14.1(transitive)

• + Addeddelayed-stream@1.0.0(transitive)

• + Addedecc-jsbn@0.1.2(transitive)

• + Addedextend@3.0.2(transitive)

• + Addedextsprintf@1.3.0(transitive)

• + Addedforever-agent@0.6.1(transitive)

• + Addedform-data@2.3.3(transitive)

• + Addedgetpass@0.1.7(transitive)

• + Addedhar-schema@2.0.0(transitive)

• + Addedhar-validator@5.1.5(transitive)

• + Addedhtml-validator@4.1.1(transitive)

• + Addedhttp-signature@1.2.0(transitive)

• + Addedis-typedarray@1.0.0(transitive)

• + Addedisstream@0.1.2(transitive)

• + Addedjsbn@0.1.1(transitive)

• + Addedjson-schema@0.4.0(transitive)

• + Addedjson-stringify-safe@5.0.1(transitive)

• + Addedjsprim@1.4.2(transitive)

• + Addedmime-db@1.52.0(transitive)

• + Addedmime-types@2.1.35(transitive)

• + Addedoauth-sign@0.9.0(transitive)

• + Addedperformance-now@2.1.0(transitive)

• + Addedpsl@1.15.0(transitive)

• + Addedpunycode@1.4.1(transitive)

• + Addedqs@6.5.3(transitive)

• + Addedrequest@2.88.0(transitive)

• + Addedsafe-buffer@5.2.1(transitive)

• + Addedsafer-buffer@2.1.2(transitive)

• + Addedsshpk@1.18.0(transitive)

• + Addedtough-cookie@2.4.3(transitive)

• + Addedtunnel-agent@0.6.0(transitive)

• + Addedtweetnacl@0.14.5(transitive)

• + Addeduuid@3.4.0(transitive)

• + Addedvalid-url@1.0.9(transitive)

• + Addedverror@1.10.0(transitive)