New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
mailauth - npm Package Compare versions
Comparing version 1.0.12 to 1.0.13
@@ -282,3 +282,3 @@ 'use strict'; | ||
| // no need to check | ||
| return knownPolicy; | ||
| return { policy: knownPolicy, status: 'cached' }; | ||
| } | ||
@@ -289,3 +289,3 @@ | ||
| if (!policyId) { | ||
| return false; | ||
| return { policy: { id: false, mode: 'none' }, status: 'not_found' }; | ||
| } | ||
@@ -295,3 +295,8 @@ | ||
| // no changes | ||
| return knownPolicy; | ||
| return { | ||
| policy: Object.assign({}, knownPolicy, { | ||
| expires: new Date(Date.now() + knownPolicy.maxAge * 1000).toISOString() | ||
| }), | ||
| status: 'renewed' | ||
| }; | ||
| } | ||
@@ -301,12 +306,18 @@ | ||
| if (!policy) { | ||
| return false; | ||
| return { policy: { id: false, mode: 'none' }, status: 'not_found' }; | ||
| } | ||
| policy.expires = new Date(Date.now() + policy.maxAge * 1000).toISOString(); | ||
| return Object.assign({ id: policyId }, policy); | ||
| return { | ||
| policy: Object.assign({ id: policyId }, policy, { | ||
| expires: new Date(Date.now() + policy.maxAge * 1000).toISOString() | ||
| }), | ||
| status: 'found' | ||
| }; | ||
| } catch (err) { | ||
| if (knownPolicy) { | ||
| // re-use existing policy on error | ||
| return Object.assign({ error: err }, knownPolicy); | ||
| return { | ||
| policy: Object.assign({ error: err }, knownPolicy), | ||
| status: 'errored' | ||
| }; | ||
| } | ||
@@ -313,0 +324,0 @@ throw err; |
| { | ||
| "name": "mailauth", | ||
| "version": "1.0.12", | ||
| "version": "1.0.13", | ||
| "description": "Email authentication library for Node.js", | ||
@@ -24,3 +24,3 @@ "main": "lib/mailauth.js", | ||
| "author": "Andris Reinman", | ||
| "license": "AGPL-3.0-or-later", | ||
| "license": "(AGPL-3.0-or-later OR EUPL-1.1+)", | ||
| "bugs": { | ||
@@ -45,3 +45,3 @@ "url": "https://github.com/andris9/mailauth/issues" | ||
| "node-forge": "0.10.0", | ||
| "nodemailer": "6.4.15", | ||
| "nodemailer": "6.4.16", | ||
| "psl": "1.8.0" | ||
@@ -48,0 +48,0 @@ }, |
@@ -316,14 +316,14 @@  | ||
| const policy = await getPolicy('gmail.com', knownPolicy); | ||
| const { policy, status } = await getPolicy('gmail.com', knownPolicy); | ||
| const policyMatch = validateMx(mx, policy); | ||
| if (policy?.id !== knownPolicy?.id) { | ||
| if (policy.id !== knownPolicy?.id) { | ||
| // policy has been updated, update cache | ||
| } | ||
| if (policy?.mode === 'enforce') { | ||
| if (policy.mode === 'enforce') { | ||
| // must use TLS | ||
| } | ||
| if (policy && !policyMatch) { | ||
| if (policy.mx && !policyMatch) { | ||
| // can't connect, unlisted MX | ||
@@ -333,2 +333,44 @@ } | ||
| ### Resolve policy | ||
| Resolve MTA-STS policy for a domain | ||
| ``` | ||
| getPolicy(domain [,knownPolicy]) -> {policy, status} | ||
| ``` | ||
| Where | ||
| - **domain** is the domain to check for (eg. "gmail.com") | ||
| - **knownPolicy** (optional) is the policy object from last check for this domain. This is used to check if the policy is still valid or it was updated. | ||
| Function returns an object with the following properties: | ||
| - **policy** (object) | ||
| - **id** (string or `false`) ID of the policy | ||
| - **mode** (string) one of _"none"_, _"testing"_ or _"enforce"_ | ||
| - **mx** (array, if available) an Array of whitelisted MX hostnames | ||
| - **expires** (string, if available) ISO date string for cacheing | ||
| - **status** (string) one of the following values: | ||
| - _"not_found"_ no policy was found for this domain. You can decide yourself how long you want to cache this response | ||
| - _"cached"_ no changes detected, current policy is still valid and can be used | ||
| - _"found"_ new or updated policy was found. Cache this in your system until _policy.expires_ | ||
| - _"renew"_ existing policy is still valid, renew cached version until _policy.expires_ | ||
| - _"errored"_ policy discovery failed for some temporary error (eg. failing DNS queries). See _policy.error_ for details | ||
| ### Validate MX hostname | ||
| Check if a resolved MX hostname is valid by MTA-STS policy or not | ||
| ``` | ||
| validateMx(mx, policy) -> Boolean | ||
| ``` | ||
| Where | ||
| - **mx** is the resolved MX hostname (eg. "gmail-smtp-in.l.google.com") | ||
| - **policy** is the policy object returned by `getPolicy()` | ||
| Function returns a boolean. If it is `true` then MX hostname is allowed to use. | ||
| ## Testing | ||
@@ -340,3 +382,3 @@ | ||
| [OpenSPF test suite](http://www.openspf.org/Test_Suite) with the following differences: | ||
| [OpenSPF test suite](http://www.openspf.org/Test_Suite) ([archive.org mirror](https://web.archive.org/web/20190130131432/http://www.openspf.org/Test_Suite)) with the following differences: | ||
@@ -405,4 +447,4 @@ - No PTR support in `mailauth`, all PTR related tests are ignored | ||
| Licensed under GNU Affero General Public License v3.0 or later. | ||
| Dual licensed under GNU Affero General Public License v3.0 or later or EUPLv1.1+ | ||
| MIT-licensed version of mailauth is available for [Postal Systems subscribers](https://postalsys.com/). |
New alerts
Unidentified License
License(Experimental) Something that seems like a license was found, but its contents could not be matched with a known license.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by7.99%
220663
- Number of package files
- increased by3.57%
29
- Lines of code
- increased by0.35%
3466
- Number of lines in readme file
- increased by10.37%
447
Worsened metrics
- Number of low license alerts
- increased by33.33%
4
Dependency changes
+ Addednodemailer@6.4.16(transitive)
- Removednodemailer@6.4.15(transitive)
Updatednodemailer@6.4.16