download - npm Package Compare versions

Comparing version 5.0.3 to 6.0.0

index.js

@@ -6,2 +6,3 @@ 'use strict';
 const caw = require('caw');
+const contentDisposition = require('content-disposition');
 const decompress = require('decompress');
@@ -13,27 +14,24 @@ const filenamify = require('filenamify');
 const pify = require('pify');
+const pEvent = require('p-event');
 
 const fsP = pify(fs);
 
-const createPromise = (uri, output, stream, opts) => {
-	const response = opts.encoding === null ? getStream.buffer(stream) : getStream(stream, opts);
+function filenameFromPath(res) {
+	return path.basename(url.parse(res.requestUrl).pathname);
+}
 
-	return response.then(data => {
-		if (!output && opts.extract) {
-			return decompress(data, opts);
-		}
+function getFilename(res) {
+	const header = res.headers['content-disposition'];
+	if (!header) {
+		return filenameFromPath(res);
+	}
 
-		if (!output) {
-			return data;
-		}
+	const parsed = contentDisposition.parse(res.headers['content-disposition']);
+	if (parsed.type === 'attachment' && parsed.parameters && parsed.parameters.filename) {
+		return parsed.parameters.filename;
+	}
 
-		if (opts.extract) {
-			return decompress(data, path.dirname(output), opts);
-		}
+	return filenameFromPath(res);
+}
 
-		return pify(mkdirp)(path.dirname(output))
-			.then(() => fsP.writeFile(output, data))
-			.then(() => data);
-	});
-};
-
 module.exports = (uri, output, opts) => {
@@ -58,5 +56,30 @@ if (typeof output === 'object') {
 	const stream = got.stream(uri, Object.assign(opts, {agent}));
-	const dest = output ? path.join(output, filenamify(path.basename(uri))) : null;
-	const promise = createPromise(uri, dest, stream, opts);
 
+	const promise = pEvent(stream, 'response').then(res => {
+		const encoding = opts.encoding === null ? 'buffer' : opts.encoding;
+		return Promise.all([getStream(stream, {encoding}), res]);
+	}).then(result => {
+		// TODO: Use destructuring when targeting Node.js 6
+		const data = result[0];
+		const res = result[1];
+
+		if (!output && opts.extract) {
+			return decompress(data, opts);
+		}
+
+		if (!output) {
+			return data;
+		}
+
+		const outputFilepath = path.join(output, filenamify(getFilename(res)));
+
+		if (opts.extract) {
+			return decompress(data, path.dirname(outputFilepath), opts);
+		}
+
+		return pify(mkdirp)(path.dirname(outputFilepath))
+			.then(() => fsP.writeFile(outputFilepath, data))
+			.then(() => data);
+	});
+
 	stream.then = promise.then.bind(promise);
@@ -63,0 +86,0 @@ stream.catch = promise.catch.bind(promise);

package.json

 {
   "name": "download",
-  "version": "5.0.3",
+  "version": "6.0.0",
   "description": "Download and extract files",
@@ -30,2 +30,3 @@ "license": "MIT",
     "caw": "^2.0.0",
+    "content-disposition": "^0.5.2",
     "decompress": "^4.0.0",
@@ -36,2 +37,3 @@ "filenamify": "^2.0.0",
     "mkdirp": "^0.5.1",
+    "p-event": "^1.0.0",
     "pify": "^2.3.0"
@@ -38,0 +40,0 @@ },

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

5750

increased by14.18%

Lines of code

68

increased by36%

Worsened metrics

Dependency count

9

increased by28.57%

Number of medium supply chain risk alerts

1

increased byInfinity%

Dependency changes

• + Addedcontent-disposition@^0.5.2

• + Addedp-event@^1.0.0

• + Addedcontent-disposition@0.5.4(transitive)

• + Addedp-event@1.3.0(transitive)

• + Addedp-finally@1.0.0(transitive)

• + Addedp-timeout@1.2.1(transitive)