http-signature
Advanced tools
Comparing version 1.3.0 to 1.3.1
| # node-http-signature changelog | ||
| ## not yet released | ||
| (nothing yet) | ||
| ## 1.3.1 | ||
| - Fix node 0.10 usage (#90) | ||
| ## 1.3.0 | ||
| **Known issue:** This release broken http-signature with node 0.10. | ||
| - Bump dependency `sshpk` | ||
| - Add `Signature` header support (#83) | ||
| ## 1.2.0 | ||
| - Bump dependency `assert-plus` | ||
| - Add ability to pass a custom header name | ||
| - Replaced dependency `node-uuid` with `uuid` | ||
| ## 1.1.1 | ||
@@ -30,3 +51,3 @@ | ||
| - #36: Ensure verifySignature does not leak useful timing information | ||
| - #42: Bring the library up to the latest version of the spec (including the | ||
| - #42: Bring the library up to the latest version of the spec (including the | ||
| request-target changes) | ||
@@ -33,0 +54,0 @@ - Support for ECDSA keys and signatures. |
@@ -122,6 +122,8 @@ // Copyright 2012 Joyent, Inc. All rights reserved. | ||
| var authzHeaderName = options.authorizationHeaderName; | ||
| var authz = headers[authzHeaderName] || headers[utils.HEADER.AUTH] || headers[utils.HEADER.SIG]; | ||
| var authz = headers[authzHeaderName] || headers[utils.HEADER.AUTH] || | ||
| headers[utils.HEADER.SIG]; | ||
| if (!authz) { | ||
| var errHeader = authzHeaderName ? authzHeaderName : utils.HEADER.AUTH + ' or ' + utils.HEADER.SIG; | ||
| var errHeader = authzHeaderName ? authzHeaderName : | ||
| utils.HEADER.AUTH + ' or ' + utils.HEADER.SIG; | ||
@@ -128,0 +130,0 @@ throw new MissingHeaderError('no ' + errHeader + ' header ' + |
@@ -393,3 +393,5 @@ // Copyright 2012 Joyent, Inc. All rights reserved. | ||
| var FMT = authzHeaderName.toLowerCase() === utils.HEADER.SIG ? SIGNATURE_FMT : AUTHZ_FMT; | ||
| var FMT = authzHeaderName.toLowerCase() === utils.HEADER.SIG ? | ||
| SIGNATURE_FMT : AUTHZ_FMT; | ||
| request.setHeader(authzHeaderName, sprintf(FMT, | ||
@@ -396,0 +398,0 @@ options.keyId, |
@@ -62,3 +62,3 @@ // Copyright 2012 Joyent, Inc. All rights reserved. | ||
| module.exports = { | ||
| HEADER, | ||
| HEADER: HEADER, | ||
@@ -65,0 +65,0 @@ HASH_ALGOS: HASH_ALGOS, |
| { | ||
| "name": "http-signature", | ||
| "description": "Reference implementation of Joyent's HTTP Signature scheme.", | ||
| "version": "1.3.0", | ||
| "version": "1.3.1", | ||
| "license": "MIT", | ||
@@ -23,6 +23,8 @@ "author": "Joyent, Inc", | ||
| "engines": { | ||
| "node": ">=0.8", | ||
| "npm": ">=1.3.7" | ||
| "node": ">=0.10" | ||
| }, | ||
| "main": "lib/index.js", | ||
| "files": [ | ||
| "lib" | ||
| ], | ||
| "scripts": { | ||
@@ -29,0 +31,0 @@ "test": "tap test/*.js" |
New alerts
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Fixed alerts
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Improved metrics
- Lines of code
- increased by0.38%
802
Worsened metrics
- Total package byte prevSize
- decreased by-28.02%
35043
- Number of package files
- decreased by-18.18%
9