koa-body - npm Package Compare versions

Comparing version 2.6.0 to 3.0.0

index.js

@@ -36,3 +36,3 @@ /**
   opts.patchNode = 'patchNode' in opts ? opts.patchNode : false;
-  opts.patchKoa = 'patchKoa' in opts ? opts.patchKoa : true;
+  opts.patchKoa  = 'patchKoa'  in opts ? opts.patchKoa  : true;
   opts.multipart = 'multipart' in opts ? opts.multipart : false;
@@ -42,3 +42,3 @@ opts.urlencoded = 'urlencoded' in opts ? opts.urlencoded : true;
   opts.text = 'text' in opts ? opts.text : true;
-  opts.encoding = 'encoding' in opts ? opts.encoding : 'utf-8';
+  opts.encoding  = 'encoding'  in opts ? opts.encoding  : 'utf-8';
   opts.jsonLimit = 'jsonLimit' in opts ? opts.jsonLimit : '1mb';
@@ -51,29 +51,23 @@ opts.formLimit = 'formLimit' in opts ? opts.formLimit : '56kb';
 
-  return function (ctx, next) {
+  return function *(next){
     var bodyPromise;
     // so don't parse the body in strict mode
-    if (!opts.strict || ["GET", "HEAD", "DELETE"].indexOf(ctx.method.toUpperCase()) === -1) {
+    if (!opts.strict || ["GET", "HEAD", "DELETE"].indexOf(this.method.toUpperCase()) === -1) {
       try {
-        if (opts.json && ctx.is('json')) {
-          bodyPromise = buddy.json(ctx, {
-            encoding: opts.encoding,
-            limit: opts.jsonLimit
-          });
-        } else if (opts.urlencoded && ctx.is('urlencoded')) {
-          bodyPromise = buddy.form(ctx, {
-            encoding: opts.encoding,
-            limit: opts.formLimit,
-            queryString: opts.queryString
-          });
-        } else if (opts.text && ctx.is('text')) {
-          bodyPromise = buddy.text(ctx, {
-            encoding: opts.encoding,
-            limit: opts.textLimit
-          });
-        } else if (opts.multipart && ctx.is('multipart')) {
-          bodyPromise = formy(ctx, opts.formidable);
+        if (opts.json && this.is('json'))  {
+          bodyPromise = buddy.json(this, {encoding: opts.encoding, limit: opts.jsonLimit});
         }
-      } catch (parsingError) {
-        if (typeof opts.onError === 'function') {
-          opts.onError(parsingError, ctx);
+        else if (opts.urlencoded && this.is('urlencoded')) {
+          bodyPromise = buddy.form(this, {encoding: opts.encoding, limit: opts.formLimit, queryString: opts.queryString});
+        }
+        else if (opts.text && this.is('text')) {
+          bodyPromise = buddy.text(this, {encoding: opts.encoding, limit: opts.textLimit});
+        }
+        else if (opts.multipart && this.is('multipart')) {
+          bodyPromise = formy(this, opts.formidable);
+        }
+
+      } catch(parsingError) {
+        if (typeof(opts.onError) === 'function') {
+          opts.onError(parsingError, this);
         } else {
@@ -86,19 +80,30 @@ throw parsingError;
     bodyPromise = bodyPromise || Promise.resolve({});
-    return bodyPromise.catch(function(parsingError) {
+    bodyPromise = bodyPromise.catch((parsingError) => {
       if (typeof opts.onError === 'function') {
-        opts.onError(parsingError, ctx);
+        opts.onError(parsingError, this);
       } else {
         throw parsingError;
       }
-      return next();
     })
-    .then(function(body) {
+    .then((body) => {
       if (opts.patchNode) {
-        ctx.req.body = body;
+        if (isMultiPart(this, opts)) {
+          this.req.body = body.fields;
+          this.req.files = body.files;
+        } else {
+          this.req.body = body;
+        }
       }
       if (opts.patchKoa) {
-        ctx.request.body = body;
+        if (isMultiPart(this, opts)) {
+          this.request.body = body.fields;
+          this.request.files = body.files;
+        } else {
+          this.request.body = body;
+        }
       }
-      return next();
-    })
+    });
+
+    yield bodyPromise;
+    yield next;
   };
@@ -108,2 +113,14 @@ }
 /**
+ * Check if multipart handling is enabled and that this is a multipart request
+ *
+ * @param  {Object} ctx
+ * @param  {Object} opts
+ * @return {Boolean} true if request is multipart and being treated as so
+ * @api private
+ */
+function isMultiPart(ctx, opts) {
+  return opts.multipart && ctx.is('multipart');
+}
+
+/**
  * Donable formidable
@@ -113,3 +130,3 @@ *
  * @param  {Object} opts
- * @return {Object}
+ * @return {Promise}
  * @api private
@@ -116,0 +133,0 @@ */

package.json

 {
   "name": "koa-body",
-  "version": "2.6.0",
-  "description": "A koa body parser middleware. Support multipart, urlencoded and json request bodies.",
+  "version": "3.0.0",
+  "description": "A Koa body parser middleware. Supports multipart, urlencoded and JSON request bodies.",
   "main": "index.js",
-  "types": "./index.d.ts",
   "scripts": {
-    "test": "node_modules/.bin/mocha",
-    "examples-multer": "node --harmony examples/multer.js",
-    "examples-koa-router": "node --harmony examples/koa-router.js"
+    "test": "mocha",
+    "examples-multer": "node examples/multer.js",
+    "examples-koa-router": "node examples/koa-router.js"
   },
   "author": {
     "name": "Daryl Lau",
-    "email": "dlau00@gmail.com",
+    "email": "daryl@weak.io",
     "url": "https://github.com/dlau"
@@ -39,12 +38,11 @@ },
     "co-body": "^5.1.1",
-    "formidable": "^1.1.1"
+    "formidable": "^1.0.17"
   },
   "devDependencies": {
-    "@types/koa": "^2.0.39",
-    "koa": "^2.0.0",
-    "koa-router": "^7.0.1",
+    "koa": "^1.6.0",
+    "koa-resource-router": "^0.4.0",
+    "koa-router": "^5.4.2",
     "lodash": "^3.3.1",
-    "mocha": "*",
-    "multiline": "*",
-    "should": "*",
+    "mocha": "^5.2.0",
+    "should": "^13.2.1",
     "supertest": "2.0.0"
@@ -55,3 +53,3 @@ },
       "name": "Daryl Lau",
-      "email": "dlau00@gmail.com",
+      "email": "daryl@weak.io",
       "url": "https://github.com/dlau"
@@ -58,0 +56,0 @@ },

README.md

@@ -1,7 +0,10 @@
-koa-body [![Build Status](https://travis-ci.org/dlau/koa-body.svg?branch=koa2)](https://travis-ci.org/dlau/koa-body) [![Dependencies Status](https://david-dm.org/dlau/koa-body/status.svg)](https://david-dm.org/dlau/koa-body)
+koa-body [![Build Status](https://travis-ci.org/dlau/koa-body.png)](https://travis-ci.org/dlau/koa-body) [![Dependencies Status](https://david-dm.org/dlau/koa-body/status.svg)](https://david-dm.org/dlau/koa-body)
 ================
 
-> A full-featured [`koa`](https://github.com/koajs/koa) body parser middleware. Support `multipart`, `urlencoded` and `json` request bodies. Provides same functionality as Express's bodyParser - [`multer`](https://github.com/expressjs/multer). And all that is wrapped only around
+> A full-feature [`koa`](https://github.com/koajs/koa) body parser middleware. Support `multipart`, `urlencoded` and `json` request bodies. Provides same functionality as Express's bodyParser - [`multer`](https://github.com/expressjs/multer). And all that is wrapped only around
 [`co-body`](https://github.com/visionmedia/co-body) and [`formidable`](https://github.com/felixge/node-formidable).
 
+## Related module
+- [`koa-better-body`](https://github.com/tunnckoCore/koa-better-body)
+
 ## Install
@@ -14,8 +17,14 @@ >Install with [npm](https://github.com/npm/npm)
 
-## Legacy Koa1 support
+## Legacy Koa v1 support
 ```
-$ npm install koa-body@1
+$ npm install koa-body@3
 ```
 
+## Breaking Changes in v3/4
+To address a potential security issue, the `files` property has been moved to `ctx.request.files`. In prior versions, `files` was a property of `ctx.request.body`. If you do not use multipart uploads, no changes to your code need to be made.
+
+Versions 1 and 2 of `koa-body` are deprecated and replaced with versions 3 and 4, respectively.
+
 ## Features
+- 15 tests
 - can handle three type requests
@@ -28,36 +37,24 @@ * **multipart/form-data**
 - body, fields and files limiting
+- 2 dependencies only
 
-## Hello world
-```sh
-npm install koa
-npm install koa-body
-nvm install v7.9.0 #Note - koa requires node v7.6.0 for ES2015/async support
-```
-index.js:
+
+## Usage like [multer](https://github.com/expressjs/multer)
+> It's very simple, because you can access the fields and files in the `ctx.request.body` or `ctx.req.body` JSON object
+
 ```js
-const Koa = require('koa');
-const koaBody = require('koa-body');
+var app      = require('koa')(),
+    koaBody   = require('koa-body');
 
-const app = new Koa();
-
-app.use(koaBody());
-app.use(ctx => {
-  ctx.body = `Request Body: ${JSON.stringify(ctx.request.body)}`;
+app.use(koaBody({formidable:{uploadDir: __dirname}}));
+app.use(function *(next) {
+  if (this.request.method == 'POST') {
+    console.log(this.request.body);
+    // => POST body
+    this.body = JSON.stringify(this.request.body);
+  }
+  yield next;
 });
-
-app.listen(3000);
+app.listen(3131)
+console.log('curl -i http://localhost:3131/ -d "name=test"');
 ```
-
-```sh
-$ node index.js
-$ curl -i http://localhost:3000/users -d "name=test"
-HTTP/1.1 200 OK
-Content-Type: text/plain; charset=utf-8
-Content-Length: 29
-Date: Wed, 03 May 2017 02:09:44 GMT
-Connection: keep-alive
-
-Request Body: {"name":"test"}% 
-```
-
 **For a more comprehensive example, see** `examples/multipart.js`
@@ -69,12 +66,11 @@
 ```js
-const Koa = require('koa');
-const app = new Koa();
-const router = require('koa-router')();
-const koaBody = require('koa-body');
+var app     = require('koa')(),
+    router  = require('koa-router')(),
+    koaBody = require('koa-body')();
 
-router.post('/users', koaBody(),
-  (ctx) => {
-    console.log(ctx.request.body);
+router.post('/users', koaBody,
+  function *(next) {
+    console.log(this.request.body);
     // => POST body
-    ctx.body = JSON.stringify(ctx.request.body);
+    this.body = JSON.stringify(this.request.body);
   }
@@ -85,4 +81,4 @@ );
 
-app.listen(3000);
-console.log('curl -i http://localhost:3000/users -d "name=test"');
+app.listen(3131);
+console.log('curl -i http://localhost:3131/users -d "name=test"');
 ```
@@ -117,3 +113,3 @@
 - `maxFields` **{Integer}** Limits the number of fields that the querystring parser will decode, default `1000`
-- `maxFieldsSize` **{Integer}** Limits the amount of memory all fields together (except files) can allocate in bytes. If this value is exceeded, an 'error' event is emitted, default `2mb (2 * 1024 * 1024)`
+- `maxFieldsSize` **{Integer}** Limits the amount of memory all fields together (except files) can allocate in bytes. If this value is exceeded, an 'error' event is emitted, default `2mb (2 * 2 * 1024)`
 - `uploadDir` **{String}** Sets the directory for placing file uploads in, default `os.tmpDir()`
@@ -130,2 +126,4 @@ - `keepExtensions` **{Boolean}** Files written to `uploadDir` will include the extensions of the original files, default `false`
 ## Tests
+> As usual - `npm test` **or** if you have [mocha](https://mochajs.org) globally - `mocha --harmony-generators`.
+
 ```
@@ -132,0 +130,0 @@ $ npm test

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Dev dependency count

7

decreased by-12.5%

Worsened metrics

Total package byte prevSize

13081

decreased by-19.38%

Number of package files

4

decreased by-20%

Lines of code

154

decreased by-39.13%

Number of lines in readme file

129

decreased by-1.53%

Number of medium supply chain risk alerts

2

increased byInfinity%

Dependency changes

• Updatedformidable@^1.0.17