express-security-txt
Advanced tools
express-security-txt - npm Package Compare versions
Comparing version 2.5.1 to 3.0.0
@@ -7,4 +7,3 @@ const securityTxt = require('../index') | ||
| encryption: 'https://www.mykey.com/pgp-key.txt', | ||
| acknowledgments: 'thank you', | ||
| permission: 'none' | ||
| acknowledgments: 'thank you' | ||
| } | ||
@@ -17,4 +16,3 @@ | ||
| 'Encryption: https://www.mykey.com/pgp-key.txt\n' + | ||
| 'Acknowledgments: thank you\n' + | ||
| 'Permission: none\n' | ||
| 'Acknowledgments: thank you\n' | ||
| ) | ||
@@ -63,6 +61,5 @@ }) | ||
| test('formats successfully with policy, hiring and signature fields', () => { | ||
| test('formats successfully with policy and hiring fields', () => { | ||
| const options = { | ||
| contact: 'email@example.com', | ||
| signature: 'http://example.com/.well-known/signature.txt.sig', | ||
| policy: 'http://example.com/policy.txt', | ||
@@ -76,3 +73,2 @@ hiring: 'http://example.com/hiring.txt' | ||
| 'Contact: email@example.com\n' + | ||
| 'Signature: http://example.com/.well-known/signature.txt.sig\n' + | ||
| 'Policy: http://example.com/policy.txt\n' + | ||
@@ -83,16 +79,2 @@ 'Hiring: http://example.com/hiring.txt\n' | ||
| test('formats successfully with "none" not in lowercase for Permission: directive', () => { | ||
| const options = { | ||
| contact: 'email@example.com', | ||
| permission: 'NoNe' | ||
| } | ||
| const res = securityTxt.formatSecurityPolicy(options) | ||
| expect(res).toBe( | ||
| 'Contact: email@example.com\n' + | ||
| 'Permission: NoNe\n' | ||
| ) | ||
| }) | ||
| test('camelCasing works for different types of directives', () => { | ||
@@ -99,0 +81,0 @@ expect(securityTxt.camelCase('Abc')).toBe('abc') |
@@ -7,3 +7,4 @@ const securityTxt = require('../index') | ||
| encryption: 'https://www.mykey.com/pgp-key.txt', | ||
| acknowledgments: 'thank you' | ||
| acknowledgments: 'thank you', | ||
| canonical: 'https://example.com/.well-known/security.txt' | ||
| } | ||
@@ -83,11 +84,2 @@ | ||
| test('validate fails when signature property is not a string', () => { | ||
| const options = { | ||
| contact: 'email@example.com', | ||
| signature: {} | ||
| } | ||
| expect(() => securityTxt.validatePolicyFields(options)).toThrow() | ||
| }) | ||
| test('validate fails when hiring property is not a string', () => { | ||
@@ -102,20 +94,2 @@ const options = { | ||
| test('validate fails when permission property is not a string', () => { | ||
| const options = { | ||
| contact: 'email@example.com', | ||
| permission: {} | ||
| } | ||
| expect(() => securityTxt.validatePolicyFields(options)).toThrow() | ||
| }) | ||
| test('validate fails when permission property is not "none"', () => { | ||
| const options = { | ||
| contact: 'email@example.com', | ||
| permission: 'notnone' | ||
| } | ||
| expect(() => securityTxt.validatePolicyFields(options)).toThrow() | ||
| }) | ||
| test('validate successfully when providing arrays', () => { | ||
@@ -133,12 +107,2 @@ const options = { | ||
| test('validate fails when providing arrays for signature/permission', () => { | ||
| const options = { | ||
| contact: 'abc', | ||
| signature: ['a', 'b', 'c'], | ||
| permission: ['none'] | ||
| } | ||
| expect(() => securityTxt.validatePolicyFields(options)).toThrow() | ||
| }) | ||
| test('validate successfully when using prefix/postfix comments', () => { | ||
@@ -225,2 +189,11 @@ const options = { | ||
| test('passing an array for Canonical fails', () => { | ||
| const options = { | ||
| contact: '...', | ||
| canonical: ['...', '...'] | ||
| } | ||
| expect(() => securityTxt.validatePolicyFields(options)).toThrow() | ||
| }) | ||
| test('validate successfully for the preferredLanguages key', () => { | ||
@@ -227,0 +200,0 @@ const optionsWithArray = { |
| 'use strict' | ||
| const Joi = require('joi') | ||
| const DIRECTIVES = ['Contact', 'Encryption', 'Acknowledgments', 'Preferred-Languages', 'Signature', 'Policy', 'Hiring', 'Permission'] | ||
| const DIRECTIVES = ['Contact', 'Encryption', 'Canonical', 'Acknowledgments', 'Preferred-Languages', 'Policy', 'Hiring'] | ||
@@ -196,3 +196,2 @@ /** | ||
| contact: fieldValue({ required: true }), | ||
| permission: fieldValue({ canBeArray: false, singleValue: string.only('none').insensitive() }), | ||
| encryption: fieldValue({ singleValue: string.regex(/^(?!http:)/i) }), | ||
@@ -202,3 +201,3 @@ preferredLanguages: fieldValue({ canBeArray: false, singleValue: array.items(string) }), | ||
| hiring: fieldValue(), | ||
| signature: fieldValue({ canBeArray: false }), | ||
| canonical: fieldValue({ canBeArray: false }), | ||
| _postfixComment: comment | ||
@@ -205,0 +204,0 @@ } |
| { | ||
| "name": "express-security-txt", | ||
| "version": "2.5.1", | ||
| "version": "3.0.0", | ||
| "description": "Express middleware that implements a security.txt path and policy", | ||
@@ -5,0 +5,0 @@ "main": "index.js", |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Worsened metrics
- Total package byte prevSize
- decreased by-0.42%
310225
- Lines of code
- decreased by-6%
580