
neo4j-driver - npm Package Compare versions

Comparing version 1.0.4 to 1.0.5

9

lib/v1/driver.js

@@ -257,3 +257,3 @@ /**

* //
* // TRUST_SIGNED_CERTIFICATES is the classic approach to trust verification -
* // TRUST_CUSTOM_CA_SIGNED_CERTIFICATES is the classic approach to trust verification -
* // whenever we establish an encrypted connection, we ensure the host is using

@@ -263,6 +263,9 @@ * // an encryption certificate that is in, or is signed by, a certificate listed

* // by the web browser. In NodeJS, you configure the list with the next config option.
* trust: "TRUST_ON_FIRST_USE" | "TRUST_SIGNED_CERTIFICATES",
* //
* // TRUST_SYSTEM_CA_SIGNED_CERTIFICATES meand that you trust whatever certificates
* // are in the default certificate chain of th
* trust: "TRUST_ON_FIRST_USE" | "TRUST_SIGNED_CERTIFICATES" | TRUST_CUSTOM_CA_SIGNED_CERTIFICATES | TRUST_SYSTEM_CA_SIGNED_CERTIFICATES,
*
* // List of one or more paths to trusted encryption certificates. This only
* // works in the NodeJS bundle, and only matters if you use "TRUST_SIGNED_CERTIFICATES".
* // works in the NodeJS bundle, and only matters if you use "TRUST_CUSTOM_CA_SIGNED_CERTIFICATES".
* // The certificate files should be in regular X.509 PEM format.

@@ -269,0 +272,0 @@ * // For instance, ['./trusted.pem']
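Review bot: The added comment for `TRUST_SYSTEM_CA_SIGNED_CERTIFICATES` is unfinished: it reads "meand" and stops mid-word at "of th", so the one option that changes which CAs are trusted is left unexplained. In the `trust:` line the two new values are also unquoted while the first two are quoted, and the deprecated `TRUST_SIGNED_CERTIFICATES` is still listed without a deprecation remark. I would complete the sentence, e.g. `// TRUST_SYSTEM_CA_SIGNED_CERTIFICATES means that you trust whatever certificates are in the default trusted CA set of the runtime`, and state which store that is, since in Node.js the default for `tls.connect` is the CA list bundled with Node rather than necessarily the operating system's. The doc comment starts and ends outside these hunks.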

@@ -133,5 +133,12 @@ /**

var TrustStrategy = {
/**
* @deprecated Since version 1.0. Will be deleted in a future version. TRUST_CUSTOM_CA_SIGNED_CERTIFICATES.
*/
TRUST_SIGNED_CERTIFICATES: function TRUST_SIGNED_CERTIFICATES(opts, onSuccess, onFailure) {
console.log("`TRUST_SIGNED_CERTIFICATES` has been deprecated as option and will be removed in a future version of " + "the driver. Please use `TRUST_CUSTOM_CA_SIGNED_CERTIFICATES` instead.");
return TrustStrategy.TRUST_CUSTOM_CA_SIGNED_CERTIFICATES(opts, onSuccess, onFailure);
},
TRUST_CUSTOM_CA_SIGNED_CERTIFICATES: function TRUST_CUSTOM_CA_SIGNED_CERTIFICATES(opts, onSuccess, onFailure) {
if (!opts.trustedCertificates || opts.trustedCertificates.length == 0) {
onFailure((0, _error.newError)("You are using TRUST_SIGNED_CERTIFICATES as the method " + "to verify trust for encrypted connections, but have not configured any " + "trustedCertificates. You must specify the path to at least one trusted " + "X.509 certificate for this to work. Two other alternatives is to use " + "TRUST_ON_FIRST_USE or to disable encryption by setting encrypted=false " + "in your driver configuration."));
onFailure((0, _error.newError)("You are using TRUST_CUSTOM_CA_SIGNED_CERTIFICATES as the method " + "to verify trust for encrypted connections, but have not configured any " + "trustedCertificates. You must specify the path to at least one trusted " + "X.509 certificate for this to work. Two other alternatives is to use " + "TRUST_ON_FIRST_USE or to disable encryption by setting encrypted=false " + "in your driver configuration."));
return;

@@ -141,3 +148,5 @@ }

var tlsOpts = {
ca: opts.trustedCertificates.map(_fs2['default'].readFileSync),
ca: opts.trustedCertificates.map(function (f) {
return _fs2['default'].readFileSync(f);
}),
// Because we manually check for this in the connect callback, to give

@@ -150,3 +159,3 @@ // a more helpful error to the user

if (!socket.authorized) {
onFailure((0, _error.newError)("Server certificate is not trusted. If you trust the database you are connecting to, add" + " the signing certificate, or the server certificate, to the list of certificates trusted by this driver" + " using `neo4j.v1.driver(.., { trustedCertificates:['path/to/certificate.crt']}). This " + " is a security measure to protect against man-in-the-middle attacks. If you are just trying " + " Neo4j out and are not concerned about encryption, simply disable it using `encrypted=false` in the driver" + " options."));
onFailure((0, _error.newError)("Server certificate is not trusted. If you trust the database you are connecting to, add" + " the signing certificate, or the server certificate, to the list of certificates trusted by this driver" + " using `neo4j.v1.driver(.., { trustedCertificates:['path/to/certificate.crt']}). This " + " is a security measure to protect against man-in-the-middle attacks. If you are just trying " + " Neo4j out and are not concerned about encryption, simply disable it using `encrypted=false` in the driver" + " options. Socket responded with: " + socket.authorizationError));
} else {

@@ -159,2 +168,19 @@ onSuccess();

},
TRUST_SYSTEM_CA_SIGNED_CERTIFICATES: function TRUST_SYSTEM_CA_SIGNED_CERTIFICATES(opts, onSuccess, onFailure) {
var tlsOpts = {
// Because we manually check for this in the connect callback, to give
// a more helpful error to the user
rejectUnauthorized: false
};
var socket = _tls2['default'].connect(opts.port, opts.host, tlsOpts, function () {
if (!socket.authorized) {
onFailure((0, _error.newError)("Server certificate is not trusted. If you trust the database you are connecting to, use " + "TRUST_CUSTOM_CA_SIGNED_CERTIFICATES and add" + " the signing certificate, or the server certificate, to the list of certificates trusted by this driver" + " using `neo4j.v1.driver(.., { trustedCertificates:['path/to/certificate.crt']}). This " + " is a security measure to protect against man-in-the-middle attacks. If you are just trying " + " Neo4j out and are not concerned about encryption, simply disable it using `encrypted=false` in the driver" + " options."));
} else {
onSuccess();
}
});
socket.on('error', onFailure);
return socket;
},
TRUST_ON_FIRST_USE: function TRUST_ON_FIRST_USE(opts, onSuccess, onFailure) {

@@ -174,3 +200,3 @@ var tlsOpts = {

// do TOFU, and the safe approach is to fail.
onFailure((0, _error.newError)("You are using a version of NodeJS that does not " + "support trust-on-first use encryption. You can either upgrade NodeJS to " + "a newer version, use `trust:TRUST_SIGNED_CERTIFICATES` in your driver " + "config instead, or disable encryption using `encrypted:false`."));
onFailure((0, _error.newError)("You are using a version of NodeJS that does not " + "support trust-on-first use encryption. You can either upgrade NodeJS to " + "a newer version, use `trust:TRUST_CUSTOM_CA_SIGNED_CERTIFICATES` in your driver " + "config instead, or disable encryption using `encrypted:false`."));
return;

@@ -215,3 +241,3 @@ }

} else {
onFailure((0, _error.newError)("Unknown trust strategy: " + opts.trust + ". Please use either " + "trust:'TRUST_SIGNED_CERTIFICATES' or trust:'TRUST_ON_FIRST_USE' in your driver " + "configuration. Alternatively, you can disable encryption by setting " + "`encrypted:false`. There is no mechanism to use encryption without trust verification, " + "because this incurs the overhead of encryption without improving security. If " + "the driver does not verify that the peer it is connected to is really Neo4j, it " + "is very easy for an attacker to bypass the encryption by pretending to be Neo4j."));
onFailure((0, _error.newError)("Unknown trust strategy: " + opts.trust + ". Please use either " + "trust:'TRUST_CUSTOM_CA_SIGNED_CERTIFICATES' or trust:'TRUST_ON_FIRST_USE' in your driver " + "configuration. Alternatively, you can disable encryption by setting " + "`encrypted:false`. There is no mechanism to use encryption without trust verification, " + "because this incurs the overhead of encryption without improving security. If " + "the driver does not verify that the peer it is connected to is really Neo4j, it " + "is very easy for an attacker to bypass the encryption by pretending to be Neo4j."));
}

@@ -259,2 +285,3 @@ }

self._conn.on('error', self._handleConnectionError);
self._conn.on('end', self._handleConnectionTerminated);

@@ -278,2 +305,10 @@ // Drain all pending messages

}
}, {
key: '_handleConnectionTerminated',
value: function _handleConnectionTerminated() {
this._error = new Error('Connection was closed by server');
if (this.onerror) {
this.onerror(this._error);
}
}

@@ -313,2 +348,3 @@ /**

this._conn.end();
this._conn.removeListener('end', this._handleConnectionTerminated);
this._conn.on('end', cb);

@@ -315,0 +351,0 @@ } else {
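Review bot: In the new `TRUST_SYSTEM_CA_SIGNED_CERTIFICATES` strategy the handshake runs with `rejectUnauthorized: false`, so a connection to a peer with an untrusted certificate is fully established and the socket is still returned; the only protection is the `socket.authorized` check in the connect callback, and nothing visible here closes the socket on that path. Calling `socket.destroy();` before `onFailure(...)` in the `!socket.authorized` branch would make the rejection independent of what the caller does with the error; the same likely applies to the `TRUST_CUSTOM_CA_SIGNED_CERTIFICATES` branch, whose body is only partly shown. The system-CA failure message also omits `socket.authorizationError`, which the custom-CA branch now appends, so the reason for the rejection is lost for users of this strategy.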

@@ -60,6 +60,6 @@ /**

if (opts.encrypted) {
if (!opts.trust || opts.trust === "TRUST_SIGNED_CERTIFICATES") {
if (!opts.trust || opts.trust === "TRUST_SIGNED_CERTIFICATES" || opts.trust === "TRUST_CUSTOM_CA_SIGNED_CERTIFICATES") {
scheme = "wss";
} else {
this._error = (0, _error.newError)("The browser version of this driver only supports one trust " + "strategy, 'TRUST_SIGNED_CERTIFICATES'. " + opts.trust + " is not supported. Please " + "either use TRUST_SIGNED_CERTIFICATES or disable encryption by setting " + "`encrypted:false` in the driver configuration.");
this._error = (0, _error.newError)("The browser version of this driver only supports one trust " + "strategy, 'TRUST_CUSTOM_CA_SIGNED_CERTIFICATES'. " + opts.trust + " is not supported. Please " + "either use TRUST_CUSTOM_CA_SIGNED_CERTIFICATES or disable encryption by setting " + "`encrypted:false` in the driver configuration.");
return;

@@ -66,0 +66,0 @@ }
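Review bot: The browser check now accepts `TRUST_CUSTOM_CA_SIGNED_CERTIFICATES` but not `TRUST_SYSTEM_CA_SIGNED_CERTIFICATES`, although the driver's own documentation says the trusted list is maintained by the web browser and that `trustedCertificates` only works in the NodeJS bundle. A user who picks the system-CA option, which describes what actually happens for a `wss` connection, gets the "not supported" error. I would extend the condition with `|| opts.trust === "TRUST_SYSTEM_CA_SIGNED_CERTIFICATES"` and reword the message so it does not imply that a custom CA list is honoured in the browser. The enclosing constructor starts and ends outside the hunk.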

@@ -101,3 +101,4 @@ /**

//sent before version negotiation
MAGIC_PREAMBLE = 0x6060B017;
MAGIC_PREAMBLE = 0x6060B017,
DEBUG = false;

@@ -113,2 +114,16 @@ var URLREGEX = new RegExp(["[^/]+//", // scheme

/**
* Very rudimentary log handling, should probably be replaced by something proper at some point.
* @param actor the part that sent the message, 'S' for server and 'C' for client
* @param msg the bolt message
*/
function log(actor, msg) {
if (DEBUG) {
for (var i = 2; i < arguments.length; i++) {
msg += " " + JSON.stringify(arguments[i]);
}
console.log(actor + ":" + msg);
}
}
function port(url) {

@@ -322,5 +337,7 @@ return url.match(URLREGEX)[3];

case RECORD:
log("S", "RECORD", msg.fields[0]);
this._currentObserver.onNext(msg.fields[0]);
break;
case SUCCESS:
log("S", "SUCCESS", msg.fields[0]);
try {

@@ -333,2 +350,3 @@ this._currentObserver.onCompleted(msg.fields[0]);

case FAILURE:
log("S", "FAILURE", msg);
try {

@@ -363,2 +381,3 @@ this._currentObserver.onError(msg);

case IGNORED:
log("S", "IGNORED");
try {

@@ -381,2 +400,3 @@ if (this._errorMsg && this._currentObserver.onError) this._currentObserver.onError(this._errorMsg);else if (this._currentObserver.onError) this._currentObserver.onError(msg);

log("C", "INIT", clientName, token);
this._queueObserver(observer);

@@ -396,2 +416,3 @@ this._packer.packStruct(INIT, [this._packable(clientName), this._packable(token)], function (err) {

log("C", "RUN", statement, params);
this._queueObserver(observer);

@@ -410,2 +431,3 @@ this._packer.packStruct(RUN, [this._packable(statement), this._packable(params)], function (err) {

log("C", "PULL_ALL");
this._queueObserver(observer);

@@ -424,2 +446,3 @@ this._packer.packStruct(PULL_ALL, [], function (err) {

log("C", "DISCARD_ALL");
this._queueObserver(observer);

@@ -438,2 +461,3 @@ this._packer.packStruct(DISCARD_ALL, [], function (err) {

log("C", "RESET");
this._isHandlingFailure = true;

@@ -464,2 +488,3 @@ var self = this;

log("C", "ACK_FAILURE");
this._queueObserver(observer);

@@ -541,3 +566,3 @@ this._packer.packStruct(ACK_FAILURE, [], function (err) {

// Default to using trust-on-first-use if it is available
trust: config.trust || ((0, _features2["default"])("trust_on_first_use") ? "TRUST_ON_FIRST_USE" : "TRUST_SIGNED_CERTIFICATES"),
trust: config.trust || ((0, _features2["default"])("trust_on_first_use") ? "TRUST_ON_FIRST_USE" : "TRUST_CUSTOM_CA_SIGNED_CERTIFICATES"),
trustedCertificates: config.trustedCertificates || [],

@@ -544,0 +569,0 @@ knownHosts: config.knownHosts
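Review bot: The `log("C", "INIT", clientName, token)` call passes the authentication token to `log`, which serialises every extra argument with `JSON.stringify` and writes it to `console.log` whenever `DEBUG` is true; `log("C", "RUN", statement, params)` does the same for query parameters. `DEBUG` is hard-coded to `false` in this hunk, but anyone flipping it while troubleshooting would put credentials into console output or collected logs. I would log a placeholder instead, for example `log("C", "INIT", clientName, "<token redacted>");`, and add a comment on `DEBUG` saying it must stay off in released builds. The functions containing these calls start outside the hunks shown.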

@@ -66,7 +66,12 @@ /**

value: function acquire() {
if (this._pool.length > 0) {
return this._pool.pop();
} else {
return this._create(this._release);
var resource = undefined;
while (this._pool.length) {
resource = this._pool.pop();
if (this._validate(resource)) {
return resource;
}
}
return this._create(this._release);
}

@@ -73,0 +78,0 @@ }, {
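Review bot: In the new `acquire` loop a resource that fails `this._validate(resource)` is popped and simply dropped; nothing in the hunk closes or destroys it. If the pooled resources are connections, as the rest of the package suggests, each rejected one may keep its socket open until garbage collection or a server-side timeout. Consider releasing it explicitly inside the loop (the exact call depends on the resource API, which is not visible here) and adding a comment that `_validate` must not have side effects. The hunk also does not show where `_validate` is assigned, so it is worth confirming that a default which accepts every resource exists for callers that pass none.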

@@ -50,6 +50,11 @@ /**

this.statementType = metadata.type;
this.updateStatistics = new StatementStatistics(metadata.stats || {});
var counters = new StatementStatistics(metadata.stats || {});
this.counters = counters;
//for backwards compatibility, remove in future version
this.updateStatistics = counters;
this.plan = metadata.plan || metadata.profile ? new Plan(metadata.plan || metadata.profile) : false;
this.profile = metadata.profile ? new ProfiledPlan(metadata.profile) : false;
this.notifications = this._buildNotifications(metadata.notifications);
this.resultConsumedAfter = metadata.result_consumed_after;
this.resultAvailableAfter = metadata.result_available_after;
}

@@ -56,0 +61,0 @@

@@ -51,5 +51,6 @@ /**

* @param {Object} parameters - Map with parameters to use in statement
* @param metaSupplier function, when called provides metadata
*/
function Result(streamObserver, statement, parameters) {
function Result(streamObserver, statement, parameters, metaSupplier) {
_classCallCheck(this, Result);

@@ -61,2 +62,5 @@

this._parameters = parameters || {};
this._metaSupplier = metaSupplier || function () {
return {};
};
}

@@ -138,3 +142,11 @@

var onCompletedOriginal = observer.onCompleted;
var self = this;
var onCompletedWrapper = function onCompletedWrapper(metadata) {
var additionalMeta = self._metaSupplier();
for (var key in additionalMeta) {
if (additionalMeta.hasOwnProperty(key)) {
metadata[key] = additionalMeta[key];
}
}
var sum = new _resultSummary.ResultSummary(_this._statement, _this._parameters, metadata);

@@ -141,0 +153,0 @@ onCompletedOriginal.call(observer, sum);

@@ -26,2 +26,4 @@ /**

var _get = function get(_x3, _x4, _x5) { var _again = true; _function: while (_again) { var object = _x3, property = _x4, receiver = _x5; _again = false; if (object === null) object = Function.prototype; var desc = Object.getOwnPropertyDescriptor(object, property); if (desc === undefined) { var parent = Object.getPrototypeOf(object); if (parent === null) { return undefined; } else { _x3 = parent; _x4 = property; _x5 = receiver; _again = true; desc = parent = undefined; continue _function; } } else if ('value' in desc) { return desc.value; } else { var getter = desc.get; if (getter === undefined) { return undefined; } return getter.call(receiver); } } };
var _createClass = (function () { function defineProperties(target, props) { for (var i = 0; i < props.length; i++) { var descriptor = props[i]; descriptor.enumerable = descriptor.enumerable || false; descriptor.configurable = true; if ('value' in descriptor) descriptor.writable = true; Object.defineProperty(target, descriptor.key, descriptor); } } return function (Constructor, protoProps, staticProps) { if (protoProps) defineProperties(Constructor.prototype, protoProps); if (staticProps) defineProperties(Constructor, staticProps); return Constructor; }; })();

@@ -31,2 +33,4 @@

function _inherits(subClass, superClass) { if (typeof superClass !== 'function' && superClass !== null) { throw new TypeError('Super expression must either be null or a function, not ' + typeof superClass); } subClass.prototype = Object.create(superClass && superClass.prototype, { constructor: { value: subClass, enumerable: false, writable: true, configurable: true } }); if (superClass) Object.setPrototypeOf ? Object.setPrototypeOf(subClass, superClass) : subClass.__proto__ = superClass; }
function _classCallCheck(instance, Constructor) { if (!(instance instanceof Constructor)) { throw new TypeError('Cannot call a class as a function'); } }

@@ -46,2 +50,4 @@

var _integer = require("./integer");
var _error = require("./error");

@@ -70,2 +76,4 @@

/** Internal stream observer used for transactional results*/
/**

@@ -89,3 +97,3 @@ * Run Cypher statement

}
var streamObserver = new _internalStreamObserver2['default']();
var streamObserver = new _RunObserver();
if (!this._hasTx) {

@@ -98,3 +106,5 @@ this._conn.run(statement, parameters, streamObserver);

}
return new _result2['default'](streamObserver, statement, parameters);
return new _result2['default'](streamObserver, statement, parameters, function () {
return streamObserver.meta();
});
}

@@ -152,3 +162,33 @@

var _RunObserver = (function (_StreamObserver) {
_inherits(_RunObserver, _StreamObserver);
function _RunObserver() {
_classCallCheck(this, _RunObserver);
_get(Object.getPrototypeOf(_RunObserver.prototype), 'constructor', this).call(this);
this._meta = {};
}
_createClass(_RunObserver, [{
key: 'onCompleted',
value: function onCompleted(meta) {
_get(Object.getPrototypeOf(_RunObserver.prototype), 'onCompleted', this).call(this, meta);
for (var key in meta) {
if (meta.hasOwnProperty(key)) {
this._meta[key] = meta[key];
}
}
}
}, {
key: 'meta',
value: function meta() {
return this._meta;
}
}]);
return _RunObserver;
})(_internalStreamObserver2['default']);
exports['default'] = Session;
module.exports = exports['default'];
{
"name": "neo4j-driver",
"version": "1.0.4",
"version": "1.0.5",
"description": "Connect to Neo4j 3.0.0 and up from JavaScript",

@@ -5,0 +5,0 @@ "author": "Neo Technology Inc.",

Sorry, the diff of this file is too big to display

Sorry, the diff of this file is too big to display
