global-agent
Advanced tools
Comparing version 2.1.11 to 2.1.12
@@ -10,2 +10,4 @@ "use strict"; | ||
var _boolean = require("boolean"); | ||
var _Logger = _interopRequireDefault(require("../Logger")); | ||
@@ -115,3 +117,3 @@ | ||
pfx: configuration.pfx, | ||
rejectUnauthorized: configuration.rejectUnauthorized || false, | ||
rejectUnauthorized: configuration.rejectUnauthorized, | ||
secureOptions: configuration.secureOptions, | ||
@@ -121,3 +123,11 @@ secureProtocol: configuration.secureProtocol, | ||
sessionIdContext: configuration.sessionIdContext | ||
}; | ||
}; // This is not ideal because there is no way to override this setting using `tls` configuration if `NODE_TLS_REJECT_UNAUTHORIZED=0`. | ||
// However, popular HTTP clients (such as https://github.com/sindresorhus/got) come with pre-configured value for `rejectUnauthorized`, | ||
// which makes it impossible to override that value globally and respect `rejectUnauthorized` for specific requests only. | ||
// | ||
// eslint-disable-next-line no-process-env | ||
if (typeof process.env.NODE_TLS_REJECT_UNAUTHORIZED === 'string' && (0, _boolean.boolean)(process.env.NODE_TLS_REJECT_UNAUTHORIZED) === false) { | ||
connectionConfiguration.tls.rejectUnauthorized = false; | ||
} | ||
} // $FlowFixMe It appears that Flow is missing the method description. | ||
@@ -124,0 +134,0 @@ |
@@ -64,3 +64,3 @@ "use strict"; | ||
forceGlobalAgent: typeof environment.GLOBAL_AGENT_FORCE_GLOBAL_AGENT === 'string' ? (0, _boolean.boolean)(environment.GLOBAL_AGENT_FORCE_GLOBAL_AGENT) : true, | ||
socketConnectionTimeout: typeof environment.GLOBAL_AGENT_SOCKET_CONNECTION_TIMEOUT === 'string' ? parseInt(environment.GLOBAL_AGENT_SOCKET_CONNECTION_TIMEOUT, 10) : defaultConfigurationInput.socketConnectionTimeout | ||
socketConnectionTimeout: typeof environment.GLOBAL_AGENT_SOCKET_CONNECTION_TIMEOUT === 'string' ? Number.parseInt(environment.GLOBAL_AGENT_SOCKET_CONNECTION_TIMEOUT, 10) : defaultConfigurationInput.socketConnectionTimeout | ||
}; // $FlowFixMe | ||
@@ -67,0 +67,0 @@ |
@@ -18,3 +18,3 @@ "use strict"; | ||
const subjectUrlTokens = (0, _url.parse)(subjectUrl); | ||
const rules = noProxy.split(/[,\s]/); | ||
const rules = noProxy.split(/[\s,]/); | ||
@@ -21,0 +21,0 @@ for (const rule of rules) { |
@@ -30,3 +30,3 @@ "use strict"; | ||
if (urlTokens.port) { | ||
port = parseInt(urlTokens.port, 10); | ||
port = Number.parseInt(urlTokens.port, 10); | ||
} | ||
@@ -33,0 +33,0 @@ |
@@ -21,37 +21,37 @@ { | ||
"dependencies": { | ||
"boolean": "^3.0.0", | ||
"core-js": "^3.6.4", | ||
"boolean": "^3.0.1", | ||
"core-js": "^3.6.5", | ||
"es6-error": "^4.1.1", | ||
"matcher": "^2.1.0", | ||
"roarr": "^2.15.2", | ||
"semver": "^7.1.2", | ||
"serialize-error": "^5.0.0" | ||
"matcher": "^3.0.0", | ||
"roarr": "^2.15.3", | ||
"semver": "^7.3.2", | ||
"serialize-error": "^7.0.1" | ||
}, | ||
"description": "Global HTTP/HTTPS proxy configurable using environment variables.", | ||
"devDependencies": { | ||
"@ava/babel": "^1.0.0", | ||
"@babel/cli": "^7.8.4", | ||
"@babel/core": "^7.8.4", | ||
"@babel/node": "^7.8.4", | ||
"@babel/plugin-transform-flow-strip-types": "^7.8.3", | ||
"@babel/preset-env": "^7.8.4", | ||
"@babel/register": "^7.8.3", | ||
"@ava/babel": "^1.0.1", | ||
"@babel/cli": "^7.10.1", | ||
"@babel/core": "^7.10.2", | ||
"@babel/node": "^7.10.1", | ||
"@babel/plugin-transform-flow-strip-types": "^7.10.1", | ||
"@babel/preset-env": "^7.10.2", | ||
"@babel/register": "^7.10.1", | ||
"anyproxy": "^4.1.2", | ||
"ava": "^3.1.0", | ||
"ava": "^3.8.2", | ||
"axios": "^0.19.2", | ||
"babel-plugin-istanbul": "^6.0.0", | ||
"babel-plugin-transform-export-default-name": "^2.0.4", | ||
"coveralls": "^3.0.9", | ||
"eslint": "^6.8.0", | ||
"eslint-config-canonical": "^18.1.1", | ||
"flow-bin": "^0.117.0", | ||
"coveralls": "^3.1.0", | ||
"eslint": "^7.1.0", | ||
"eslint-config-canonical": "^20.0.5", | ||
"flow-bin": "^0.125.1", | ||
"flow-copy-source": "^2.0.9", | ||
"get-port": "^5.1.1", | ||
"got": "^10.4.0", | ||
"husky": "^4.2.1", | ||
"nyc": "^15.0.0", | ||
"got": "^11.1.4", | ||
"husky": "^4.2.5", | ||
"nyc": "^15.1.0", | ||
"pem": "^1.14.4", | ||
"request": "^2.88.0", | ||
"semantic-release": "^17.0.2", | ||
"sinon": "^8.1.1" | ||
"request": "^2.88.2", | ||
"semantic-release": "^17.0.8", | ||
"sinon": "^9.0.2" | ||
}, | ||
@@ -104,5 +104,5 @@ "engines": { | ||
"lint": "eslint ./src ./test && flow", | ||
"test": "NODE_ENV=test nyc ava --verbose --serial" | ||
"test": "NODE_TLS_REJECT_UNAUTHORIZED=false NODE_ENV=test nyc ava --verbose --serial" | ||
}, | ||
"version": "2.1.11" | ||
"version": "2.1.12" | ||
} |
@@ -170,3 +170,2 @@ # global-agent | ||
* @property socketConnectionTimeout Destroys socket if connection is not established within the timeout. (Default: `60000`) | ||
* @property tls `tls.connect()` options. | ||
*/ | ||
@@ -177,3 +176,2 @@ type ProxyAgentConfigurationInputType = {| | ||
+socketConnectionTimeout?: number, | ||
+tls?: TlsConfigurationType, | ||
|}; | ||
@@ -180,0 +178,0 @@ |
@@ -6,2 +6,5 @@ // @flow | ||
} from 'serialize-error'; | ||
import { | ||
boolean, | ||
} from 'boolean'; | ||
import Logger from '../Logger'; | ||
@@ -147,3 +150,3 @@ import type { | ||
pfx: configuration.pfx, | ||
rejectUnauthorized: configuration.rejectUnauthorized || false, | ||
rejectUnauthorized: configuration.rejectUnauthorized, | ||
secureOptions: configuration.secureOptions, | ||
@@ -154,2 +157,11 @@ secureProtocol: configuration.secureProtocol, | ||
}; | ||
// This is not ideal because there is no way to override this setting using `tls` configuration if `NODE_TLS_REJECT_UNAUTHORIZED=0`. | ||
// However, popular HTTP clients (such as https://github.com/sindresorhus/got) come with pre-configured value for `rejectUnauthorized`, | ||
// which makes it impossible to override that value globally and respect `rejectUnauthorized` for specific requests only. | ||
// | ||
// eslint-disable-next-line no-process-env | ||
if (typeof process.env.NODE_TLS_REJECT_UNAUTHORIZED === 'string' && boolean(process.env.NODE_TLS_REJECT_UNAUTHORIZED) === false) { | ||
connectionConfiguration.tls.rejectUnauthorized = false; | ||
} | ||
} | ||
@@ -156,0 +168,0 @@ |
@@ -66,3 +66,3 @@ // @flow | ||
forceGlobalAgent: typeof environment.GLOBAL_AGENT_FORCE_GLOBAL_AGENT === 'string' ? parseBoolean(environment.GLOBAL_AGENT_FORCE_GLOBAL_AGENT) : true, | ||
socketConnectionTimeout: typeof environment.GLOBAL_AGENT_SOCKET_CONNECTION_TIMEOUT === 'string' ? parseInt(environment.GLOBAL_AGENT_SOCKET_CONNECTION_TIMEOUT, 10) : defaultConfigurationInput.socketConnectionTimeout, | ||
socketConnectionTimeout: typeof environment.GLOBAL_AGENT_SOCKET_CONNECTION_TIMEOUT === 'string' ? Number.parseInt(environment.GLOBAL_AGENT_SOCKET_CONNECTION_TIMEOUT, 10) : defaultConfigurationInput.socketConnectionTimeout, | ||
}; | ||
@@ -69,0 +69,0 @@ |
@@ -14,3 +14,3 @@ // @flow | ||
const rules = noProxy.split(/[,\s]/); | ||
const rules = noProxy.split(/[\s,]/); | ||
@@ -17,0 +17,0 @@ for (const rule of rules) { |
@@ -28,3 +28,3 @@ // @flow | ||
if (urlTokens.port) { | ||
port = parseInt(urlTokens.port, 10); | ||
port = Number.parseInt(urlTokens.port, 10); | ||
} | ||
@@ -31,0 +31,0 @@ |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
125129
1285
240
12
+ Addedcore-js@3.37.0(transitive)
+ Addedescape-string-regexp@4.0.0(transitive)
+ Addedmatcher@3.0.0(transitive)
+ Addedserialize-error@7.0.1(transitive)
+ Addedtype-fest@0.13.1(transitive)
- Removedcore-js@3.37.1(transitive)
- Removedescape-string-regexp@2.0.0(transitive)
- Removedmatcher@2.1.0(transitive)
- Removedserialize-error@5.0.0(transitive)
- Removedtype-fest@0.8.1(transitive)
Updatedboolean@^3.0.1
Updatedcore-js@^3.6.5
Updatedmatcher@^3.0.0
Updatedroarr@^2.15.3
Updatedsemver@^7.3.2
Updatedserialize-error@^7.0.1