koa-send - npm Package Compare versions

Comparing version 5.0.0 to 5.0.1

index.js

@@ -5,2 +5,4 @@ /**
 
+const fs = require('fs')
+const util = require('util')
 const debug = require('debug')('koa-send')
@@ -10,4 +12,15 @@ const resolvePath = require('resolve-path')
 const assert = require('assert')
-const fs = require('mz/fs')
 
+const stat = util.promisify(fs.stat)
+const access = util.promisify(fs.access)
+
+async function exists (path) {
+  try {
+    await access(path)
+    return true
+  } catch (e) {
+    return false
+  }
+}
+
 const {
@@ -35,3 +48,3 @@ normalize,
  * @param {Object} [opts]
- * @return {Function}
+ * @return {Promise}
  * @api public
@@ -78,3 +91,3 @@ */
   // serve brotli file when possible otherwise gzipped file when possible
-  if (ctx.acceptsEncodings('br', 'identity') === 'br' && brotli && (await fs.exists(path + '.br'))) {
+  if (ctx.acceptsEncodings('br', 'identity') === 'br' && brotli && (await exists(path + '.br'))) {
     path = path + '.br'
@@ -84,3 +97,3 @@ ctx.set('Content-Encoding', 'br')
     encodingExt = '.br'
-  } else if (ctx.acceptsEncodings('gzip', 'identity') === 'gzip' && gzip && (await fs.exists(path + '.gz'))) {
+  } else if (ctx.acceptsEncodings('gzip', 'identity') === 'gzip' && gzip && (await exists(path + '.gz'))) {
     path = path + '.gz'
@@ -92,3 +105,3 @@ ctx.set('Content-Encoding', 'gzip')
 
-  if (extensions && !/\.[^/]*$/.exec(path)) {
+  if (extensions && !/\./.exec(basename(path))) {
     const list = [].concat(extensions)
@@ -100,5 +113,5 @@ for (let i = 0; i < list.length; i++) {
       }
-      if (!/^\./.exec(ext)) ext = '.' + ext
-      if (await fs.exists(path + ext)) {
-        path = path + ext
+      if (!/^\./.exec(ext)) ext = `.${ext}`
+      if (await exists(`${path}${ext}`)) {
+        path = `${path}${ext}`
         break
@@ -112,3 +125,3 @@ }
   try {
-    stats = await fs.stat(path)
+    stats = await stat(path)
 
@@ -120,4 +133,4 @@ // Format the path to serve static file servers
       if (format && index) {
-        path += '/' + index
-        stats = await fs.stat(path)
+        path += `/${index}`
+        stats = await stat(path)
       } else {
@@ -142,3 +155,3 @@ return
   if (!ctx.response.get('Cache-Control')) {
-    const directives = ['max-age=' + (maxage / 1000 | 0)]
+    const directives = [`max-age=${(maxage / 1000 | 0)}`]
     if (immutable) {
@@ -145,0 +158,0 @@ directives.push('immutable')

package.json

 {
   "name": "koa-send",
   "description": "Transfer static files",
-  "repository": "koajs/send",
-  "version": "5.0.0",
+  "version": "5.0.1",
+  "main": "index.js",
   "keywords": [
@@ -12,5 +12,16 @@ "koa",
   ],
+  "repository": {
+    "type": "git",
+    "url": "git://github.com/koajs/send.git"
+  },
   "files": [
     "index.js"
   ],
+  "nyc": {
+    "reporter": [
+      "lcov",
+      "text-summary"
+    ],
+    "report-dir": "./coverage"
+  },
   "devDependencies": {
@@ -24,5 +35,5 @@ "eslint": "^4.19.1",
     "iltorb": "^2.3.2",
-    "istanbul": "^0.4.5",
     "koa": "^2.5.1",
     "mocha": "^5.2.0",
+    "nyc": "^15.0.0",
     "should": "^13.2.1",
@@ -33,5 +44,4 @@ "supertest": "^3.1.0"
   "dependencies": {
-    "debug": "^3.1.0",
-    "http-errors": "^1.6.3",
-    "mz": "^2.7.0",
+    "debug": "^4.1.1",
+    "http-errors": "^1.7.3",
     "resolve-path": "^1.4.0"
@@ -41,9 +51,12 @@ },
     "lint": "eslint --fix .",
-    "test": "mocha --require should --reporter spec --exit",
-    "test-cov": "istanbul cover ./node_modules/.bin/_mocha -- --require should --exit",
-    "test-travis": "istanbul cover ./node_modules/.bin/_mocha --report lcovonly -- --require should --exit"
+    "test": "npm run lint && mocha --require should --reporter spec --exit",
+    "test-cov": "nyc npm run test"
   },
   "engines": {
-    "node": ">= 7.6.0"
-  }
+    "node": ">= 8"
+  },
+  "bugs": {
+    "url": "https://github.com/koajs/send/issues"
+  },
+  "homepage": "https://github.com/koajs/send"
 }

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

No bug tracker

Maintenance

Package does not have a linked bug tracker in package.json.

Found 1 instance in 1 package

No repository

Supply chain risk

Package does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.

Found 1 instance in 1 package

No website

Quality

Package does not have a website.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

13582

increased by12.29%

Dependency count

3

decreased by-25%

Number of package files

5

increased by25%

Lines of code

160

increased by7.38%

Number of low maintenance alerts

1

decreased by-50%

Number of low quality alerts

0

decreased by-100%

Number of lines in readme file

110

increased by3.77%

Worsened metrics

Number of medium supply chain risk alerts

2

increased by100%

Dependency changes

• + Addeddebug@4.3.7(transitive)

• - Removedmz@^2.7.0

• - Removedany-promise@1.3.0(transitive)

• - Removeddebug@3.2.7(transitive)

• - Removedmz@2.7.0(transitive)

• - Removedobject-assign@4.1.1(transitive)

• - Removedthenify@3.3.1(transitive)

• - Removedthenify-all@1.6.0(transitive)

• Updateddebug@^4.1.1

• Updatedhttp-errors@^1.7.3