helmet - npm Package Compare versions

Comparing version 3.23.0 to 3.23.1

CHANGELOG.md

 # Changelog
 
+## 3.23.1 - 2020-06-16
+
+### Changed
+
+- `helmet.ieNoOpen` is no longer a separate package. This should have no effect on end users.
+
 ## 3.23.0 - 2020-06-12
@@ -4,0 +10,0 @@

dist/index.js

 "use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+var x_download_options_1 = __importDefault(require("./middlewares/x-download-options"));
 var depd = require("depd");
@@ -79,3 +83,3 @@ var deprecate = depd("helmet");
 helmet.hsts = require("hsts");
-helmet.ieNoOpen = require("ienoopen");
+helmet.ieNoOpen = x_download_options_1.default;
 helmet.noSniff = require("dont-sniff-mimetype");
@@ -82,0 +86,0 @@ helmet.permittedCrossDomainPolicies = require("helmet-crossdomain");

package.json

@@ -8,3 +8,3 @@ {
   "description": "help secure Express/Connect apps with various HTTP headers",
-  "version": "3.23.0",
+  "version": "3.23.1",
   "keywords": [
@@ -40,3 +40,4 @@ "security",
     "SECURITY.md",
-    "dist/index.js"
+    "dist/index.js",
+    "dist/middlewares/x-download-options/index.js"
   ],
@@ -55,3 +56,2 @@ "dependencies": {
     "hsts": "2.2.0",
-    "ienoopen": "1.1.0",
     "nocache": "2.1.0",
@@ -85,2 +85,3 @@ "referrer-policy": "1.2.0",
     "build": "npm run clean && tsc",
+    "build-middleware-package": "npm run build && ./bin/build-middleware-package.js",
     "test": "jest"
@@ -87,0 +88,0 @@ },

README.md

@@ -62,3 +62,3 @@ # Helmet
 
-Helmet is a collection of 12 smaller middleware functions that set HTTP response headers. Running `app.use(helmet())` will not include all of these middleware functions by default.
+Helmet is a collection of 11 smaller middleware functions that set HTTP response headers. Running `app.use(helmet())` will not include all of these middleware functions by default.
 
@@ -71,3 +71,2 @@ | Module                                                                                                        | Default? |
 | [expectCt](https://helmetjs.github.io/docs/expect-ct/) for handling Certificate Transparency                  |          |
-| [featurePolicy](https://helmetjs.github.io/docs/feature-policy/) to limit your site's features                |          |
 | [frameguard](https://helmetjs.github.io/docs/frameguard/) to prevent clickjacking                             | ✓        |
@@ -74,0 +73,0 @@ | [hidePoweredBy](https://helmetjs.github.io/docs/hide-powered-by) to remove the X-Powered-By header            | ✓        |

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

31167

increased by2.28%

Dependency count

14

decreased by-6.67%

Number of package files

9

increased by12.5%

Lines of code

102

increased by17.24%

Worsened metrics

Number of lines in readme file

79

decreased by-1.25%

Dependency changes

• - Removedienoopen@1.1.0

• - Removedienoopen@1.1.0(transitive)