jose-simple - npm Package Compare versions

Comparing version 1.2.0 to 1.2.1

package.json

 {
   "name": "jose-simple",
-  "version": "1.2.0",
-  "description": "A very simple JOSE encryption/decription utility",
+  "version": "1.2.1",
+  "description": "Simplifies JOSE encryption and decription.",
   "engines": {
-    "node": ">= 10.14.1",
-    "npm": ">= 4.1.0"
+    "node": ">= 10.12.0"
   },
+  "files": [
+    "/package*.json",
+    "/CONTRIBUTING.md",
+    "/src"
+  ],
   "main": "index.js",
   "scripts": {
     "test": "npm run test:unit",
-    "test:unit": "find ./test/unit -name '*_spec.js' | NODE_ENV=test xargs mocha --require ./test/unit/test_helper.js",
+    "test:unit": "find ./test/unit -name '*.test.js' | NODE_ENV=test xargs mocha --require ./test/unit/testHelper.js",
     "eslint-check": "eslint --print-config .eslintrc.js | eslint-config-prettier-check",
     "lint": "eslint .",
     "prettier": "prettier --single-quote --no-semi --write '**/*.{js,json}'",
-    "test:unit:cov": "find ./test/unit -name '*_spec.js' | NODE_ENV=test xargs nyc mocha --require ./test/unit/test_helper.js"
+    "test:unit:cov": "find ./test/unit -name '*.test.js' | NODE_ENV=test xargs nyc mocha --require ./test/unit/testHelper.js"
   },
@@ -61,22 +65,22 @@ "lint-staged": {
     "chai-as-promised": "^7.1.1",
-    "eslint": "^5.9.0",
-    "eslint-config-prettier": "^3.3.0",
+    "eslint": "^5.13.0",
+    "eslint-config-prettier": "^3.6.0",
     "eslint-config-standard": "^12.0.0",
-    "eslint-plugin-import": "^2.14.0",
-    "eslint-plugin-mocha": "^5.2.0",
-    "eslint-plugin-node": "^8.0.0",
-    "eslint-plugin-prettier": "^3.0.0",
+    "eslint-plugin-import": "^2.16.0",
+    "eslint-plugin-mocha": "^5.2.1",
+    "eslint-plugin-node": "^8.0.1",
+    "eslint-plugin-prettier": "^3.0.1",
     "eslint-plugin-promise": "^4.0.1",
     "eslint-plugin-standard": "^4.0.0",
     "faker": "^4.1.0",
-    "husky": "^1.2.0",
-    "lint-staged": "^8.1.0",
+    "husky": "^1.3.1",
+    "lint-staged": "^8.1.3",
     "mocha": "^5.2.0",
-    "nyc": "^13.1.0",
-    "prettier": "^1.15.3",
-    "sinon": "^7.1.1",
+    "nyc": "^13.2.0",
+    "prettier": "^1.16.4",
+    "sinon": "^7.2.3",
     "sinon-chai": "^3.3.0"
   },
   "dependencies": {
-    "node-jose": "^1.1.0"
+    "node-jose": "^1.1.1"
   },
@@ -83,0 +87,0 @@ "greenkeeper": {

README.md

@@ -7,8 +7,10 @@ ## jose-simple
 
-Jose-Simple allows the encryption and decryption of data using the JOSE (JSON Object Signing and Encryption) standard.
+Jose-Simple simplifies the encryption and decryption of data using the JOSE (JSON Object Signing and Encryption) standard.
 
-It depends on [`node-jose`](https://github.com/cisco/node-jose) by Cisco.
+## Caveats
 
-**Requires Node 10.14.1 (LTS) or better** if you want to run the tests.
-Works fine under Node 11.3+, and might run under versions of node going back to 8.x but no further.
+* The project depends on [`node-jose`](https://github.com/cisco/node-jose) by Cisco.
+* `node-jose` [does not allow you to use private keys with passwords](https://github.com/cisco/node-jose/issues/69#issuecomment-236133179), and [they have no intention of changing that](https://github.com/cisco/node-jose/issues/234#issuecomment-457615794).
+* **Requires Node 10.12.0 or better** if you want to run the tests.
+Works fine under Node 11.9+, and might run under versions of node going back to 8.x but no further.
 
@@ -26,26 +28,28 @@ | Branch | Status | Coverage | Comment |
 
-    const jose = require('jose-simple')
-    // You need a private / public JWE key pair.
-    // Either load them from `.pem` files, create them, or somehow acquire them.
-    // The private key must not have a passphrase or cypher!
-    // see https://github.com/cisco/node-jose/issues/69#issuecomment-236133179
+```
+const jose = require('jose-simple')
+// You need a private / public JWE key pair.
+// Either load them from `.pem` files, create them, or somehow acquire them.
+// The private key must not have a passphrase or cypher!
+// see https://github.com/cisco/node-jose/issues/69#issuecomment-236133179
+// see also https://github.com/cisco/node-jose/issues/234#issuecomment-457615794
+// see unit tests for a simple example.
 
-    // TODO: see unit tests for a simple example.
+const { encrypt, decrypt } = jose(privateKey, publicKey)
 
-    const { encrypt, decrypt } = jose(privateKey, publicKey)
+const someData = {
+  some: 'amazing data',
+  you: 'want to keep hidden',
+  from: 'prying eyes'
+}
 
-    const someData = {
-      some: 'amazing data',
-      you: 'want to keep hidden',
-      from: 'prying eyes'
-    }
+encrypt(someData).then((encrypted) => {
+  console.log('encrypted', encrypted)
+  decrypt(encrypted).then((decrypted) => {
+    console.log('decrypted', decrypted)
+    // decrypted will be the same as someData
+  })
+})
+```
 
-    encrypt(someData).then((encrypted) => {
-      console.log('encrypted', encrypted)
-      decrypt(encrypted).then((decrypted) => {
-        console.log('decrypted', decrypted)
-        // decrypted will be the same as someData
-      })
-    })
-
 ### Options
@@ -57,13 +61,11 @@
 
-    const { encrypt, decrypt } = jose(privateKey, publicKey, {
-      format: 'compact'
-      protect: true,
-      // or any of the encrypt options than can be passed to JWE.createEncrypt.
-      // https://github.com/cisco/node-jose/blob/master/lib/jwe/encrypt.js#L661
-    })
+```
+const { encrypt, decrypt } = jose(privateKey, publicKey, {
+  format: 'compact'
+  protect: true,
+  // or any of the encrypt options than can be passed to JWE.createEncrypt.
+  // https://github.com/cisco/node-jose/blob/master/lib/jwe/encrypt.js#L661
+})
+```
 
-## Issues
-
-Cisco's [node-jose](https://github.com/cisco/node-jose/issues) library has issues with **private keys with a passphrase** and cypher set. See [add support for passphrase in pem certificate](https://github.com/cisco/node-jose/issues/234).
-
 ## Development
@@ -73,7 +75,7 @@
 
-* [NodeJS](https://nodejs.org) — `brew install nvm` then `nvm use 10.14.1` or better.
+* [NodeJS](https://nodejs.org) — Version `10.12.0` or better is needed to run the tests as they rely on `crypto.generateKeyPair`.
 
 ### Test it
 
-* `npm test` — runs the unit tests.  The tests give an example of how to create key pairs too. (Leverages [the new crypto.generateKeyPair](https://nodejs.org/dist/latest-v10.x/docs/api/crypto.html#crypto_crypto_generatekeypair_type_options_callback) libraries and so no-longer needs a 3rd party keypair generator.)
+* `npm test` — runs the unit tests.  The tests give an example of how to create key pairs too. (Leverages the [`crypto.generateKeyPair`](https://nodejs.org/dist/latest-v10.x/docs/api/crypto.html#crypto_crypto_generatekeypair_type_options_callback) libraries introduced in Node `10.12.0`.)
 
@@ -80,0 +82,0 @@ ### Lint it

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

181263

increased by840.26%

Lines of code

4978

increased by2270.48%

Number of lines in readme file

87

increased by2.35%

Worsened metrics

Number of package files

7

decreased by-53.33%

Number of medium supply chain risk alerts

1

increased byInfinity%

Dependency changes

• Updatednode-jose@^1.1.1