helmet-csp - npm Package Compare versions

Comparing version 2.9.1 to 2.9.2

CHANGELOG.md

 # Changelog
 
+## 2.9.2 - 2019-09-20
+### Fixed
+- Fixed a bug where a request from Firefox 4 could delete `default-src` from future responses
+- Fixed tablet PC detection by updating `bowser` subdependency to latest version
+
 ## 2.9.1 - 2019-09-04
@@ -4,0 +9,0 @@ ### Changed

dist/lib/transform-directives-for-browser.js

@@ -52,2 +52,3 @@ "use strict";
                 basePolicy.allow = directives.defaultSrc;
+                directives = Object.assign({}, directives);
                 delete directives.defaultSrc;
@@ -54,0 +55,0 @@ }

package.json

@@ -9,3 +9,3 @@ {
   "description": "Content Security Policy middleware.",
-  "version": "2.9.1",
+  "version": "2.9.2",
   "license": "MIT",
@@ -54,3 +54,3 @@ "keywords": [
   "dependencies": {
-    "bowser": "2.5.4",
+    "bowser": "^2.6.1",
     "camelize": "1.0.0",
@@ -64,4 +64,4 @@ "content-security-policy-builder": "2.1.0",
     "@types/supertest": "^2.0.7",
-    "@typescript-eslint/eslint-plugin": "^2.1.0",
-    "@typescript-eslint/parser": "^2.1.0",
+    "@typescript-eslint/eslint-plugin": "^2.3.0",
+    "@typescript-eslint/parser": "^2.3.0",
     "connect": "^3.7.0",
@@ -73,5 +73,5 @@ "content-security-policy-parser": "^0.3.0",
     "supertest": "^4.0.2",
-    "ts-jest": "^24.0.2",
-    "typescript": "^3.6.2"
+    "ts-jest": "^24.1.0",
+    "typescript": "^3.6.3"
   }
 }

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

33092

increased by0.82%

Lines of code

587

increased by0.17%

Dependency changes

• + Addedbowser@2.11.0(transitive)

• - Removedbowser@2.5.4(transitive)

• Updatedbowser@^2.6.1