New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
fi-aegis - npm Package Compare versions
Comparing version 1.0.0 to 1.0.1
| { | ||
| "name": "fi-aegis", | ||
| "version": "1.0.0", | ||
| "version": "1.0.1", | ||
| "description": "Web Application Security Middleware.", | ||
| "author": "Jeff Harrell <jeharrell@paypal.com>", | ||
| "homepage": "https://github.com/finaldevstudio/fi-aegis", | ||
| "main": "index", | ||
| "license": "MIT", | ||
| "scripts": { | ||
| "test": "./node_modules/.bin/mocha test" | ||
| "test": "node_modules/.bin/mocha test" | ||
| }, | ||
| "repository": { | ||
| "type": "git", | ||
| "url": "https://github.com/krakenjs/lusca.git" | ||
| "url": "git+https://github.com/finaldevstudio/fi-aegis.git" | ||
| }, | ||
| "author": { | ||
| "name": "Jeff Harrell", | ||
| "email": "jeharrell@paypal.com" | ||
| }, | ||
| "publishConfig": { | ||
| "registry": "https://registry.npmjs.org" | ||
| }, | ||
| "licenses": [ | ||
| { | ||
| "type": "MIT", | ||
| "url": "http://www.apache.org/licenses/LICENSE-2.0.html" | ||
| } | ||
| "contributors": [ | ||
| "Santiago G. Marín <santiago@finaldevstudio.com>" | ||
| ], | ||
| "engines": { | ||
| "node": ">=4.x.x" | ||
| "node": ">=4.0.0", | ||
| "npm": ">=3.0.0" | ||
| }, | ||
| "engineStrict": true, | ||
| "dependencies": {}, | ||
| "devDependencies": { | ||
@@ -41,3 +35,24 @@ "body-parser": "^1.6.3", | ||
| }, | ||
| "dependencies": {} | ||
| "bugs": { | ||
| "url": "https://github.com/finaldevstudio/fi-aegis/issues", | ||
| "email": "security@finaldevstudio.com" | ||
| }, | ||
| "directories": { | ||
| "lib": "lib", | ||
| "test": "test" | ||
| }, | ||
| "keywords": [ | ||
| "web", | ||
| "application", | ||
| "security", | ||
| "middleware", | ||
| "express", | ||
| "csrf", | ||
| "xsrf", | ||
| "xframe", | ||
| "csp", | ||
| "xss", | ||
| "hsts", | ||
| "nosniff" | ||
| ] | ||
| } |
@@ -14,2 +14,15 @@ # Fi Aegis | ||
| ## Installation | ||
| **Fi Aegis** is available only as an [NPM](https://www.npmjs.org) package. | ||
| Install using: | ||
| ``` | ||
| npm install fi-aegis | ||
| ``` | ||
| Remember to add the `--save` modifier if you're using an NPM version lower than `5.x.x`. | ||
| ## Usage | ||
@@ -92,4 +105,4 @@ | ||
| | `angular` | `Boolean` | No | `false` | Shorthand setting to set **Fi Aegis** up to use the default settings for CSRF validation according to the [AngularJS docs](https://docs.angularjs.org/api/ng/service/$http#cross-site-request-forgery-xsrf-protection). | | ||
| | `cookie` | `String|Object` | Yes (if `angular` is `false`) | None | If set, a cookie with the name you provide will be set with the CSRF token. | | ||
| | `cookie.name` | `String` | Yes (if `angular` is `false` and cookie is `Object`) | None | The cookie will use the name you provide will be set with the CSRF token. | | ||
| | `cookie` | `String` or `Object` | Yes (if `angular` is `false`) | None | If set, a cookie with the name you provide will be set with the CSRF token. | | ||
| | `cookie.name` | `String` | Yes (if `angular` is `false` and cookie is `Object`) | None | The name you provide will be set as the cookie with the CSRF token. | | ||
| | `cookie.options` | `Object` | No | None | A valid Express cookie options object. See [Express response cookies](http://expressjs.com/en/4x/api.html#res.cookie) for more information. | | ||
@@ -96,0 +109,0 @@ | `header` | `String` | Yes (if `angular` is `false`) | None | If set, the header name you provide will be set with the CSRF token. | |
| # Security Policy | ||
| We take security very seriously and ask that you follow the following process. | ||
| Security is a very important part of our applications and therefore must be treated seriously and professionaly. | ||
| ## Contact us | ||
| If you think you may have found a security bug we ask that you privately send the details to DL-PP-Kraken-Js@paypal.com. Please make sure to use a descriptive title in the email. | ||
| ## Contact Us | ||
| If you think you may have found a bug or flaw please [open an issue](https://github.com/FinalDevStudio/fi-aegis/issues/new) so everyone can help solve it as quickly as possible. | ||
| If the issue is too risky to be put out in the open, please send us an email with the details to [security@finaldevstudio.com](mailto:security@finaldevstudio.com). | ||
| ## Expectations | ||
| We will generally get back to you within **24 hours**, but a more detailed response may take up to **48 hours**. If you feel we're not responding back in time, please send us a message *without detail* on Twitter [@kraken_js](https://twitter.com/kraken_js). | ||
| We will generally get back to you within **24 hours**, but a more detailed response may take up to **48 hours**. | ||
| If you feel we're not responding back in time, please send an email directly to [santiago@finaldevstudio.com](mailto:santiago@finaldevstudio.com) with a link to the issue or indicating that a previous message was sent. | ||
| ## History | ||
| No reported issues | ||
| No reported issues. |
Sorry, the diff of this file is not supported yet
Fixed alerts
Mixed license
License(Experimental) Package contains multiple licenses.
Found 1 instance in 1 package
No bug tracker
MaintenancePackage does not have a linked bug tracker in package.json.
Found 1 instance in 1 package
No website
QualityPackage does not have a website.
Found 1 instance in 1 package
Unidentified License
License(Experimental) Something that seems like a license was found, but its contents could not be matched with a known license.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by0.68%
25076
- Number of low license alerts
- decreased by-100%
0
- License quality
- increased by25%
100
- Number of low maintenance alerts
- decreased by-50%
1
- Number of low quality alerts
- decreased by-100%
0
- Number of lines in readme file
- increased by4.69%
290
No dependency changes