New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details → →
https-client
Advanced tools
https-client - npm Package Compare versions
+1
-1
| { | ||
| "name": "https-client", | ||
| "version": "1.4.5", | ||
| "version": "1.4.6", | ||
| "description": "Simple REST client for `node.js` `https` module. Adds retries and timeout support to `https` module.", | ||
@@ -5,0 +5,0 @@ "author": "Will Tesler", |
@@ -182,95 +182,88 @@ module.exports = class HttpsClient { | ||
| const responsePromise = new Promise(resolve => { | ||
| try { | ||
| const req = httpLib.request(requestOptions, res => { | ||
| const data = []; | ||
| const req = httpLib.request(requestOptions, res => { | ||
| const data = []; | ||
| const statusCode = res.statusCode; | ||
| const statusCode = res.statusCode; | ||
| res.on('error', e => { | ||
| cancelResponseTimeout(); | ||
| e.statusCode = statusCode; | ||
| logWarning(e); | ||
| resolve(e); // Network Error | ||
| }); | ||
| res.on('data', chunk => { | ||
| cancelResponseTimeout(); | ||
| if (onChunk) { | ||
| try { | ||
| onChunk(chunk); | ||
| } catch (e) { | ||
| logWarning(e); | ||
| resolve(e); | ||
| } | ||
| } else { | ||
| data.push(chunk); | ||
| res.on('error', e => { | ||
| cancelResponseTimeout(); | ||
| e.statusCode = statusCode; | ||
| logWarning(e); | ||
| resolve(e); // Network Error | ||
| }); | ||
| res.on('data', chunk => { | ||
| cancelResponseTimeout(); | ||
| if (onChunk) { | ||
| try { | ||
| onChunk(chunk); | ||
| } catch (e) { | ||
| logWarning(e); | ||
| resolve(e); | ||
| } | ||
| }); | ||
| res.on('end', () => { | ||
| if (didTimeout) { | ||
| resolve(); | ||
| return; | ||
| } | ||
| } else { | ||
| data.push(chunk); | ||
| } | ||
| }); | ||
| res.on('end', () => { | ||
| if (didTimeout) { | ||
| resolve(); | ||
| return; | ||
| } | ||
| cancelResponseTimeout(); | ||
| clearTimeout(deadlineTimeout); | ||
| cancelResponseTimeout(); | ||
| clearTimeout(deadlineTimeout); | ||
| const responseStr = buffer.concat(data).toString(); | ||
| let response; | ||
| if (headers['Accept'] === 'application/json') { | ||
| try { | ||
| response = JSON.parse(responseStr); | ||
| if (!response.statusCode) { | ||
| response.statusCode = statusCode; | ||
| } | ||
| } catch (e) { | ||
| // Everything is fine. | ||
| const responseStr = buffer.concat(data).toString(); | ||
| let response; | ||
| if (headers['Accept'] === 'application/json') { | ||
| try { | ||
| response = JSON.parse(responseStr); | ||
| if (!response.statusCode) { | ||
| response.statusCode = statusCode; | ||
| } | ||
| } catch (e) { | ||
| // Everything is fine. | ||
| } | ||
| } | ||
| if (!response) { | ||
| response = { | ||
| data: responseStr, | ||
| statusCode: statusCode | ||
| }; | ||
| } | ||
| if (!response) { | ||
| response = { | ||
| data: responseStr, | ||
| statusCode: statusCode | ||
| }; | ||
| } | ||
| if (statusCode >= 400) { | ||
| logWarning(response); | ||
| let responseStr = response; | ||
| const serverError = new Error(`Received not OK status code with call to ${host}${path}`); | ||
| serverError.statusCode = statusCode; | ||
| if (typeof response === 'string') { | ||
| serverError.message = `Received ${statusCode} code. Response treated as rejection. Full response: ${responseStr}`; | ||
| } else { | ||
| Object.assign(serverError, response); | ||
| } | ||
| resolve(serverError); | ||
| if (statusCode >= 400) { | ||
| logWarning(response); | ||
| let responseStr = response; | ||
| const serverError = new Error(`Received not OK status code with call to ${host}${path}`); | ||
| serverError.statusCode = statusCode; | ||
| if (typeof response === 'string') { | ||
| serverError.message = `Received ${statusCode} code. Response treated as rejection. Full response: ${responseStr}`; | ||
| } else { | ||
| // Success | ||
| didSucceed = true; | ||
| resolve(response); | ||
| Object.assign(serverError, response); | ||
| } | ||
| }); | ||
| resolve(serverError); | ||
| } else { | ||
| // Success | ||
| didSucceed = true; | ||
| resolve(response); | ||
| } | ||
| }); | ||
| }); | ||
| if (abortSignal) { | ||
| abortSignal.addEventListener('abort', () => { | ||
| req.destroy(); | ||
| const error = new Error('Aborted'); | ||
| error.statusCode = 499; | ||
| resolve(error); | ||
| }, {once: true}); | ||
| } | ||
| if (abortSignal) { | ||
| abortSignal.addEventListener('abort', () => { | ||
| req.destroy(); | ||
| const error = new Error('Aborted'); | ||
| error.statusCode = 499; | ||
| resolve(error); | ||
| }, {once: true}); | ||
| } | ||
| if (type === 'POST' || type === 'PUT' || type === 'DELETE') { | ||
| req.write(body); | ||
| } | ||
| if (type === 'POST' || type === 'PUT' || type === 'DELETE') { | ||
| req.write(body); | ||
| } | ||
| req.end(); | ||
| } catch (e) { | ||
| cancelResponseTimeout(); | ||
| e.statusCode = e.code; | ||
| logWarning(e); | ||
| resolve(e); // Network Error | ||
| } | ||
| req.end(); | ||
| }); | ||
@@ -277,0 +270,0 @@ |
New alerts
Network access
Supply chain riskThis module accesses the network.
Found 2 instances in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Fixed alerts
Network access
Supply chain riskThis module accesses the network.
Found 2 instances in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Worsened metrics
- Total package byte prevSize
12047
-2.74%- Lines of code
260
-2.62%No dependency changes