http-signature
Advanced tools
Comparing version 1.3.1 to 1.3.2
@@ -7,2 +7,6 @@ # node-http-signature changelog | ||
| ## 1.3.2 | ||
| - Allow Buffers to be used for verifyHMAC (#98) | ||
| ## 1.3.1 | ||
@@ -9,0 +13,0 @@ |
@@ -47,3 +47,3 @@ // Copyright 2015 Joyent, Inc. | ||
| * @param {Object} parsedSignature the object you got from `parse`. | ||
| * @param {String} secret HMAC shared secret. | ||
| * @param {String} or {Buffer} secret HMAC shared secret. | ||
| * @return {Boolean} true if valid, false otherwise. | ||
@@ -55,3 +55,3 @@ * @throws {TypeError} if you pass in bad arguments. | ||
| assert.object(parsedSignature, 'parsedHMAC'); | ||
| assert.string(secret, 'secret'); | ||
| assert(typeof (secret) === 'string' || Buffer.isBuffer(secret)); | ||
@@ -58,0 +58,0 @@ var alg = validateAlgorithm(parsedSignature.algorithm); |
| { | ||
| "name": "http-signature", | ||
| "description": "Reference implementation of Joyent's HTTP Signature scheme.", | ||
| "version": "1.3.1", | ||
| "version": "1.3.2", | ||
| "license": "MIT", | ||
@@ -6,0 +6,0 @@ "author": "Joyent, Inc", |
Fixed alerts
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by0.29%
35146
- Number of medium supply chain risk alerts
- decreased by-100%
0
No dependency changes