multer - npm Package Compare versions

Comparing version 2.0.0-rc.2 to 2.0.0-rc.3

index.js

@@ -1,5 +0,5 @@
-const createFileFilter = require('./lib/file-filter')
-const createMiddleware = require('./lib/middleware')
+import bytes from 'bytes'
 
-const bytes = require('bytes')
+import createFileFilter from './lib/file-filter.js'
+import createMiddleware from './lib/middleware.js'
 
@@ -63,3 +63,3 @@ const kLimits = Symbol('limits')
 
-function multer (options = {}) {
+export default function multer (options = {}) {
   if (options === null) throw new TypeError('Expected object for argument "options", got null')
@@ -74,3 +74,1 @@ if (typeof options !== 'object') throw new TypeError(`Expected object for argument "options", got ${typeof options}`)
 }
-
-module.exports = multer

lib/error.js

@@ -11,3 +11,3 @@ const errorMessages = new Map([
 
-class MulterError extends Error {
+export default class MulterError extends Error {
   constructor (code, optionalField) {
@@ -23,3 +23,1 @@ super(errorMessages.get(code))
 }
-
-module.exports = MulterError

lib/file-appender.js

@@ -1,2 +0,2 @@
-function createFileAppender (strategy, req, fields) {
+export default function createFileAppender (strategy, req, fields) {
   switch (strategy) {
@@ -7,3 +7,3 @@ case 'NONE': break
     case 'OBJECT': req.files = Object.create(null); break
-    // istanbul ignore next
+    /* c8 ignore next */
     default: throw new Error(`Unknown file strategy: ${strategy}`)
@@ -26,3 +26,1 @@ }
 }
-
-module.exports = createFileAppender

lib/file-filter.js

@@ -1,4 +0,4 @@
-const MulterError = require('./error')
+import MulterError from './error.js'
 
-function createFileFilter (fields) {
+export default function createFileFilter (fields) {
   const filesLeft = new Map()
@@ -28,3 +28,1 @@
 }
-
-module.exports = createFileFilter

lib/middleware.js

@@ -1,8 +0,9 @@
-const is = require('type-is')
-const fs = require('fs')
-const appendField = require('append-field')
+import fs from 'node:fs'
 
-const createFileAppender = require('./file-appender')
-const readBody = require('./read-body')
+import appendField from 'append-field'
+import is from 'type-is'
 
+import createFileAppender from './file-appender.js'
+import readBody from './read-body.js'
+
 async function handleRequest (setup, req) {
@@ -28,4 +29,4 @@ const options = setup()
 
-function createMiddleware (setup) {
-  return function multerMiddleware (req, res, next) {
+export default function createMiddleware (setup) {
+  return function multerMiddleware (req, _, next) {
     if (!is(req, ['multipart'])) return next()
@@ -35,3 +36,1 @@ handleRequest(setup, req).then(next, next)
 }
-
-module.exports = createMiddleware

lib/read-body.js

@@ -1,13 +0,15 @@
-const path = require('path')
-const pify = require('pify')
-const temp = require('fs-temp')
-const Busboy = require('busboy')
-const FileType = require('stream-file-type')
-const hasOwnProperty = require('has-own-property')
+import { extname } from 'node:path'
+import { pipeline } from 'node:stream/promises'
+import { promisify } from 'node:util'
 
-const pump = pify(require('pump'))
-const onFinished = pify(require('on-finished'))
+import Busboy from 'busboy'
+import { createWriteStream } from 'fs-temp'
+import hasOwnProperty from 'has-own-property'
+import _onFinished from 'on-finished'
+import FileType from 'stream-file-type'
 
-const MulterError = require('./error')
+import MulterError from './error.js'
 
+const onFinished = promisify(_onFinished)
+
 function drainStream (stream) {
@@ -22,3 +24,4 @@ stream.on('readable', stream.read.bind(stream))
     busboy.on('field', (fieldname, value, fieldnameTruncated, valueTruncated) => {
-      // istanbul ignore next: Currently not implemented (https://github.com/mscdex/busboy/issues/6)
+      // Currently not implemented (https://github.com/mscdex/busboy/issues/6)
+      /* c8 ignore next */
       if (fieldnameTruncated) return reject(new MulterError('LIMIT_FIELD_KEY'))
@@ -62,3 +65,3 @@
         clientReportedMimeType: mimetype,
-        clientReportedFileExtension: path.extname(filename || '')
+        clientReportedFileExtension: extname(filename || '')
       }
@@ -72,7 +75,7 @@
 
-      const target = temp.createWriteStream()
+      const target = createWriteStream()
       const detector = new FileType()
       const fileClosed = new Promise((resolve) => target.on('close', resolve))
 
-      const promise = pump(fileStream, detector, target)
+      const promise = pipeline(fileStream, detector, target)
         .then(async () => {
@@ -98,3 +101,3 @@ await fileClosed
 
-async function readBody (req, limits, fileFilter) {
+export default async function readBody (req, limits, fileFilter) {
   const busboy = new Busboy({ headers: req.headers, limits: limits })
@@ -126,3 +129,3 @@
     // Wait for request to close, finish, or error
-    await onFinished(req).catch(/* istanbul ignore next: Already handled by req.on('error', _) */ () => {})
+    await onFinished(req).catch(/* c8 ignore next: Already handled by req.on('error', _) */ () => {})
 
@@ -132,3 +135,1 @@ throw err
 }
-
-module.exports = readBody

package.json

 {
   "name": "multer",
   "description": "Middleware for handling `multipart/form-data`.",
-  "version": "2.0.0-rc.2",
+  "version": "2.0.0-rc.3",
   "contributors": [
@@ -12,2 +12,4 @@ "Hage Yaapa <captain@hacksparrow.com> (http://www.hacksparrow.com)",
   "repository": "expressjs/multer",
+  "type": "module",
+  "exports": "./index.js",
   "keywords": [
@@ -23,27 +25,24 @@ "form",
   "dependencies": {
-    "append-field": "^1.0.0",
+    "append-field": "^2.0.0",
     "busboy": "^0.3.1",
     "bytes": "^3.1.0",
-    "fs-temp": "^1.1.1",
-    "has-own-property": "^1.0.0",
+    "fs-temp": "^2.0.0",
+    "has-own-property": "^2.0.0",
     "on-finished": "^2.3.0",
-    "pify": "^5.0.0",
-    "pump": "^3.0.0",
-    "stream-file-type": "^0.4.0",
+    "stream-file-type": "^0.6.1",
     "type-is": "^1.6.18"
   },
   "devDependencies": {
-    "assert-rejects": "^1.0.0",
+    "c8": "^7.7.3",
     "express": "^4.16.4",
-    "form-data": "^3.0.0",
-    "get-stream": "^5.1.0",
+    "form-data": "^4.0.0",
+    "get-stream": "^6.0.1",
     "hasha": "^5.2.0",
-    "mocha": "^7.1.0",
-    "nyc": "^15.0.0",
+    "mocha": "^9.0.3",
     "recursive-nullify": "^1.0.0",
-    "standard": "^14.3.3",
+    "standard": "^16.0.3",
     "testdata-w3c-json-form": "^1.0.0"
   },
   "engines": {
-    "node": ">=10.13"
+    "node": "^12.20.0 || ^14.13.1 || >=16.0.0"
   },
@@ -56,4 +55,4 @@ "files": [
   "scripts": {
-    "test": "standard && nyc --check-coverage --statements 100 mocha"
+    "test": "standard && c8 --check-coverage --statements 100 mocha"
   }
 }

README.md

@@ -21,4 +21,4 @@ # Multer [![Build Status](https://travis-ci.org/expressjs/multer.svg?branch=master)](https://travis-ci.org/expressjs/multer) [![NPM version](https://badge.fury.io/js/multer.svg)](https://badge.fury.io/js/multer) [![js-standard-style](https://img.shields.io/badge/code%20style-standard-brightgreen.svg?style=flat)](https://github.com/feross/standard)
 ```javascript
-const multer = require('multer')
-const express = require('express')
+import multer from 'multer'
+import express from 'express'
 
@@ -53,4 +53,4 @@ const app = express()
 ```javascript
-const multer = require('multer')
-const express = require('express')
+import multer from 'multer'
+import express from 'express'
 
@@ -75,4 +75,4 @@ const app = express()
 `originalName` | Name of the file on the user's computer (`undefined` if no filename was supplied by the client)
-`size` | Size of the file in bytes
-`stream` | Stream of file
+`size` | Total size of the file in bytes
+`stream` | Readable stream of file data
 `detectedMimeType` | The detected mime-type, or null if we failed to detect
@@ -143,8 +143,8 @@ `detectedFileExtension` | The typical file extension for files of the detected type, or empty string if we failed to detect (with leading `.` to match `path.extname`)
 --- | --- | ---
-`fieldNameSize` | Max field name size | `'100B'`
-`fieldSize` | Max field value size | `'8KB'`
-`fields` | Max number of non-file fields | `1000`
-`fileSize` | The max file size | `'8MB'`
-`files` | The max number of file fields | `10`
-`headerPairs` | The max number of header key=>value pairs to parse | `2000` (same as Node's http)
+`fieldNameSize` | Max number of bytes per field name | `'100B'`
+`fieldSize` | Max number of bytes per field value | `'8KB'`
+`fields` | Max number of fields per request | `1000`
+`fileSize` | Max number of bytes per file | `'8MB'`
+`files` | Max number of files per request | `10`
+`headerPairs` | Max number of header key-value pairs | `2000` (same as Node's http)
 
@@ -151,0 +151,0 @@ Bytes limits can be passed either as a number, or as a string with an appropriate prefix.

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Improved metrics

Dependency count

8

decreased by-20%

Dev dependency count

9

decreased by-10%

Number of low supply chain risk alerts

2

decreased by-33.33%

Is type module

Yes

Worsened metrics

Total package byte prevSize

17688

decreased by-9.45%

Number of package files

9

decreased by-10%

Lines of code

244

decreased by-1.61%

Dependency changes

• + Added@tokenizer/token@0.3.0(transitive)

• + Addedappend-field@2.0.0(transitive)

• + Addedbase32-encode@2.0.0(transitive)

• + Addedencode-utf8@2.0.0(transitive)

• + Addedfile-type@16.5.4(transitive)

• + Addedfmix@1.0.0(transitive)

• + Addedfs-temp@2.0.1(transitive)

• + Addedhas-own-property@2.0.0(transitive)

• + Addedieee754@1.2.1(transitive)

• + Addedmurmur-32@1.0.0(transitive)

• + Addedpeek-readable@4.1.0(transitive)

• + Addedrandom-path@1.0.0(transitive)

• + Addedreadable-web-to-node-stream@3.0.2(transitive)

• + Addedstream-file-type@0.6.1(transitive)

• + Addedstrtok3@6.3.0(transitive)

• + Addedto-data-view@2.0.0(transitive)

• + Addedtoken-types@4.2.1(transitive)

• - Removedpify@^5.0.0

• - Removedpump@^3.0.0

• - Removedappend-field@1.0.0(transitive)

• - Removedbase32-encode@1.2.0(transitive)

• - Removedencode-utf8@1.0.3(transitive)

• - Removedend-of-stream@1.4.4(transitive)

• - Removedfile-type@12.4.2(transitive)

• - Removedfmix@0.1.0(transitive)

• - Removedfs-temp@1.2.1(transitive)

• - Removedhas-own-property@1.0.0(transitive)

• - Removedimul@1.0.1(transitive)

• - Removedmurmur-32@0.2.0(transitive)

• - Removedonce@1.4.0(transitive)

• - Removedpify@5.0.0(transitive)

• - Removedpump@3.0.2(transitive)

• - Removedrandom-path@0.1.2(transitive)

• - Removedstream-file-type@0.4.0(transitive)

• - Removedto-data-view@1.1.0(transitive)

• - Removedwrappy@1.0.2(transitive)

• Updatedappend-field@^2.0.0

• Updatedfs-temp@^2.0.0

• Updatedhas-own-property@^2.0.0

• Updatedstream-file-type@^0.6.1