New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
light-my-request
Advanced tools
light-my-request - npm Package Compare versions
Comparing version 5.4.0 to 5.5.0
@@ -107,8 +107,20 @@ 'use strict' | ||
| for (const field in headers) { | ||
| const fieldLowerCase = field.toLowerCase() | ||
| if ( | ||
| ( | ||
| fieldLowerCase === 'user-agent' || | ||
| fieldLowerCase === 'content-type' | ||
| ) && headers[field] === undefined | ||
| ) { | ||
| this.headers[fieldLowerCase] = undefined | ||
| continue | ||
| } | ||
| const value = headers[field] | ||
| assert(value !== undefined, 'invalid value "undefined" for header ' + field) | ||
| this.headers[field.toLowerCase()] = '' + value | ||
| this.headers[fieldLowerCase] = '' + value | ||
| } | ||
| this.headers['user-agent'] = this.headers['user-agent'] || 'lightMyRequest' | ||
| if (('user-agent' in this.headers) === false) { | ||
| this.headers['user-agent'] = 'lightMyRequest' | ||
| } | ||
| this.headers.host = this.headers.host || options.authority || hostHeaderFromURL(parsedURL) | ||
@@ -147,3 +159,6 @@ | ||
| payload = JSON.stringify(payload) | ||
| this.headers['content-type'] = this.headers['content-type'] || 'application/json' | ||
| if (('content-type' in this.headers) === false) { | ||
| this.headers['content-type'] = 'application/json' | ||
| } | ||
| } | ||
@@ -150,0 +165,0 @@ |
| { | ||
| "name": "light-my-request", | ||
| "version": "5.4.0", | ||
| "version": "5.5.0", | ||
| "description": "Fake HTTP injection library", | ||
@@ -5,0 +5,0 @@ "main": "index.js", |
@@ -1927,1 +1927,26 @@ 'use strict' | ||
| }) | ||
| test('should leave the headers user-agent and content-type undefined when the headers are explicitly set to undefined in the inject', (t) => { | ||
| t.plan(5) | ||
| const dispatch = function (req, res) { | ||
| t.ok(Array.isArray(req.rawHeaders)) | ||
| t.equal(req.headers['user-agent'], undefined) | ||
| t.equal(req.headers['content-type'], undefined) | ||
| t.equal(req.headers['x-foo'], 'bar') | ||
| res.writeHead(200, { 'Content-Type': 'text/plain' }) | ||
| res.end('Ok') | ||
| } | ||
| inject(dispatch, { | ||
| url: 'http://example.com:8080/hello', | ||
| method: 'POST', | ||
| headers: { | ||
| 'x-foo': 'bar', | ||
| 'user-agent': undefined, | ||
| 'content-type': undefined | ||
| }, | ||
| body: {} | ||
| }, (err, res) => { | ||
| t.error(err) | ||
| }) | ||
| }) |
Fixed alerts
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by0.87%
115724
- Lines of code
- increased by1.07%
3506
- Number of medium supply chain risk alerts
- decreased by-20%
4
Worsened metrics
- Number of package files
- decreased by-5%
19
No dependency changes