filter-pouch - npm Package Compare versions

Comparing version 0.1.1 to 0.1.2

bower.json

 {
   "name": "filter-pouch",
   "main": "dist/pouchdb.filter-pouch.js",
-  "version": "0.1.1",
+  "version": "0.1.2",
   "homepage": "https://github.com/nolanlawson/filter-pouch",
@@ -6,0 +6,0 @@ "authors": [

package.json

 {
   "name": "filter-pouch",
-  "version": "0.1.1",
+  "version": "0.1.2",
   "description": "Filter Pouch - a PouchDB plugin for filtering documents",
@@ -58,5 +58,2 @@ "main": "index.js",
   },
-  "peerDependencies": {
-    "pouchdb": ">= 2.2.0"
-  },
   "browser": {
@@ -63,0 +60,0 @@ "crypto": false

README.md

@@ -67,3 +67,3 @@ Filter Pouch
 * `incoming` functions apply to `put()`, `post()`, `bulkDocs()`, and incoming replications.
-* `outgoing` functions apply to `get()`, `allDocs()`, `changes()`, and outgoing replications.
+* `outgoing` functions apply to `get()`, `allDocs()`, `changes()`, `query()`, and outgoing replications.
 * The `filter()` method is synchronous - no need for callbacks or promises.
@@ -139,2 +139,17 @@
 
+Note on query()
+---------
+
+Since the remote CouchDB doesn't have accesss to the unfiltered document, map/reduce functions in CouchDB will be applies to the unfiltered version. PouchDB doesn't have this limitation, because everything is local.
+
+So for instance, if you try to `emit()` an encrypted field:
+
+```js
+function (doc) {
+  emit(doc.secret, 'shhhhh');
+}
+```
+
+... the emitted key will be encrypted when you `query()` a remote database but decrypted when you `query()` a local database. So be aware that the functionality is not exactly the same.
+
 Building
@@ -141,0 +156,0 @@ ----

test/test.js

@@ -624,10 +624,33 @@ /*jshint expr:true */
       }).then(function (res) {
-          res.results.should.have.length(1);
-          res.results[0].doc.secret.should.equal('my super secret text!');
-          return changesCompletePromise(new Pouch(dbName), {include_docs: true});
+        res.results.should.have.length(1);
+        res.results[0].doc.secret.should.equal('my super secret text!');
+        return changesCompletePromise(new Pouch(dbName), {include_docs: true});
+      }).then(function (res) {
+        res.results.should.have.length(1);
+        res.results[0].doc.secret.should.equal(encrypt('my super secret text!'));
+      });
+    });
+
+    // only works locally, since the remote Couch can't see the
+    // unencrypted field
+    if (dbType === 'local') {
+      it('test encryption/decryption with map/reduce', function () {
+        filter(db);
+        var mapFun = {
+          map: function (doc) {
+            emit(doc.secret);
+          }
+        };
+        return db.put({_id: 'doc', secret: 'my super secret text!'}).then(function () {
+          return db.query(mapFun);
         }).then(function (res) {
-          res.results.should.have.length(1);
-          res.results[0].doc.secret.should.equal(encrypt('my super secret text!'));
+          res.rows.should.have.length(1);
+          res.rows[0].key.should.equal('my super secret text!');
+          return new Pouch(dbName).query(mapFun);
+        }).then(function (res) {
+          res.rows.should.have.length(1);
+          res.rows[0].key.should.equal(encrypt('my super secret text!'));
         });
-    });
+      });
+    }
   });
@@ -634,0 +657,0 @@

New alerts

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 13 instances in 1 package

Fixed alerts

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

776455

increased by0.14%

Dependency count

5

decreased by-16.67%

Lines of code

22509

increased by0.1%

Number of lines in readme file

192

increased by8.47%

Number of low supply chain risk alerts

28

decreased by-39.13%

No dependency changes