Comparing version 1.1.3 to 1.1.4
var bufferEqual = require('buffer-equal-constant-time'); | ||
var base64url = require('base64url'); | ||
var Buffer = require('safe-buffer').Buffer; | ||
var crypto = require('crypto'); | ||
@@ -42,3 +43,3 @@ var formatEcdsa = require('ecdsa-sig-formatter'); | ||
var computedSig = createHmacSigner(bits)(thing, secret); | ||
return bufferEqual(Buffer(signature), Buffer(computedSig)); | ||
return bufferEqual(Buffer.from(signature), Buffer.from(computedSig)); | ||
} | ||
@@ -45,0 +46,0 @@ } |
{ | ||
"name": "jwa", | ||
"version": "1.1.3", | ||
"version": "1.1.4", | ||
"description": "JWA implementation (supports all JWS algorithms)", | ||
@@ -10,9 +10,10 @@ "main": "index.js", | ||
"dependencies": { | ||
"base64url": "~1.0.4", | ||
"buffer-equal-constant-time": "^1.0.1", | ||
"ecdsa-sig-formatter": "^1.0.0" | ||
"base64url": "2.0.0", | ||
"buffer-equal-constant-time": "1.0.1", | ||
"ecdsa-sig-formatter": "1.0.7", | ||
"safe-buffer": "^5.0.1" | ||
}, | ||
"devDependencies": { | ||
"semver": "^4.3.6", | ||
"tap": "~0.3.3" | ||
"semver": "4.3.6", | ||
"tap": "6.2.0" | ||
}, | ||
@@ -34,5 +35,4 @@ "scripts": { | ||
], | ||
"author": "Brian J. Brennan", | ||
"license": "MIT", | ||
"gitHead": "5ca1d5182bb64ff15f6f52000fb30a6582a4c8b0" | ||
"author": "Brian J. Brennan <brianloveswords@gmail.com>", | ||
"license": "MIT" | ||
} |
Sorry, the diff of this file is not supported yet
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
0
10822
4
5
111
+ Addedsafe-buffer@^5.0.1
+ Addedbase64-url@1.3.3(transitive)
+ Addedbase64url@2.0.0(transitive)
+ Addedecdsa-sig-formatter@1.0.7(transitive)
- Removedbase64url@1.0.6(transitive)
- Removedcamelcase@1.2.1(transitive)
- Removedcamelcase-keys@1.0.0(transitive)
- Removedconcat-stream@1.4.11(transitive)
- Removedcore-util-is@1.0.3(transitive)
- Removedecdsa-sig-formatter@1.0.11(transitive)
- Removedget-stdin@4.0.1(transitive)
- Removedindent-string@1.2.2(transitive)
- Removedinherits@2.0.4(transitive)
- Removedis-finite@1.1.0(transitive)
- Removedisarray@0.0.1(transitive)
- Removedmap-obj@1.0.1(transitive)
- Removedmeow@2.0.0(transitive)
- Removedminimist@1.2.8(transitive)
- Removedobject-assign@1.0.0(transitive)
- Removedreadable-stream@1.1.14(transitive)
- Removedrepeating@1.1.3(transitive)
- Removedstring_decoder@0.10.31(transitive)
- Removedtypedarray@0.0.7(transitive)
Updatedbase64url@2.0.0
Updatedecdsa-sig-formatter@1.0.7