ng-recaptcha - npm Package Compare versions

Comparing version 4.1.1 to 4.2.0

CHANGELOG.md

@@ -0,1 +1,12 @@
+<a name="4.2.0"></a>
+# [4.2.0](https://github.com/DethAriel/ng-recaptcha/compare/v4.1.1...v4.2.0) (2018-10-24)
+
+
+### Features
+
+* **component:** add the ability to provide `nonce` to the script tag ([8f55b19](https://github.com/DethAriel/ng-recaptcha/commit/8f55b19)), closes [#100](https://github.com/DethAriel/ng-recaptcha/issues/100)
+* **component:** allow to specify a base url for loading recaptcha ([df505fd](https://github.com/DethAriel/ng-recaptcha/commit/df505fd)), closes [#101](https://github.com/DethAriel/ng-recaptcha/issues/101)
+
+
+
 <a name="4.1.1"></a>
@@ -2,0 +13,0 @@ ## [4.1.1](https://github.com/DethAriel/ng-recaptcha/compare/v4.1.0...v4.1.1) (2018-10-24)

package.json

 {
   "name": "ng-recaptcha",
-  "version": "4.1.1",
+  "version": "4.2.0",
   "description": "Angular component for Google reCAPTCHA",
@@ -60,3 +60,2 @@ "scripts": {
     "npm-run-all": "^4.1.2",
-    "replace-in-file": "^3.0.0-beta.2",
     "rxjs": "^6.1.0",
@@ -63,0 +62,0 @@ "tslint": "~5.7.0",

README.md

@@ -27,2 +27,4 @@ # Angular component for Google reCAPTCHA
    * [SystemJS configuration](#example-systemjs)
+   * [Loading from a different location](#example-different-url)
+   * [Specifying nonce for Content-Security-Policy](#example-csp-nonce)
 
@@ -343,1 +345,35 @@ ## <a name="installation"></a>Installation
 ```
+
+### <a name="example-different-url"></a>Loading from a different location
+
+Since `"google.com"` domain might be unavailable in some countries, reCAPTCHA core team has a solution for that - using `"recaptcha.net"` domain. You can configure the component to use that by providing the `RECAPTCHA_BASE_URL` token, for example:
+
+```javascript
+import { RECAPTCHA_BASE_URL } from 'ng-recaptcha';
+
+@NgModule({
+  providers: [
+    {
+      provide: RECAPTCHA_BASE_URL,
+      useValue: 'https://recaptcha.net/recaptcha/api.js', // use recaptcha.net script source for some of our users
+    },
+  ],
+}) export class MyModule { }
+```
+
+### <a name="example-csp-nonce"></a>Specifying nonce for Content-Security-Policy
+
+Per [reCAPTCHA FAQ on CSP](https://developers.google.com/recaptcha/docs/faq#im-using-content-security-policy-csp-on-my-website-how-can-i-configure-it-to-work-with-recaptcha), the recommended approach for that is to supply nonce to the script tag. This is possible by providing the `RECAPTCHA_NONCE` token, for example:
+
+```javascript
+import { RECAPTCHA_NONCE } from 'ng-recaptcha';
+
+@NgModule({
+  providers: [
+    {
+      provide: RECAPTCHA_NONCE,
+      useValue: '<YOUR_NONCE_VALUE>',
+    },
+  ],
+}) export class MyModule { }
+```

Fixed alerts

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

26116

increased by7.73%

Dev dependency count

19

decreased by-5%

Number of lines in readme file

378

increased by10.53%

Number of medium supply chain risk alerts

1

decreased by-50%

No dependency changes