node-apex-api-security - npm Package Compare versions

Comparing version 1.0.6 to 1.0.7

129

CHANGELOG.md

		# Change Log

		All notable changes to this project will be documented in this file.
		@@ -6,86 +7,118 @@

		### V1.0.7

		- Update lodash dependency version to fix CVE-2019-10744
		- Update Node engine to v10.16.x and associated test cases

		### V1.0.6
		+ Fixed issue #34 by moving test suite data package to dev dependency.
		+ Bump node dependencies to latest

		- Fixed issue #34 by moving test suite data package to dev dependency.
		- Bump node dependencies to latest

		### V1.0.5
		+ Fixed Bug on signature URL when appending with standard HTTP/HTTPS Port

		- Fixed Bug on signature URL when appending with standard HTTP/HTTPS Port

		### V1.0.4
		+ Compiled for Node 10.x.x LTS
		+ Update Travis configuration

		- Compiled for Node 10.x.x LTS
		- Update Travis configuration

		### V1.0.3
		+ npm commands for eslint

		- npm commands for eslint

		### V1.0.2
		+ Eslint config and linting for library

		- Eslint config and linting for library

		### V1.0.0
		+ Bump to version 1.0.0 major release candidate
		+ Removed deprecated interfaces getTokenFromSecret, getTokenFromCertFileName and getTokenFromCertString
		+ Update default params handling
		+ Code clean-up and improve coverage
		+ Add new test case that use standard test data
		+ Refresh and update dependencies

		- Bump to version 1.0.0 major release candidate
		- Removed deprecated interfaces getTokenFromSecret, getTokenFromCertFileName and getTokenFromCertString
		- Update default params handling
		- Code clean-up and improve coverage
		- Add new test case that use standard test data
		- Refresh and update dependencies

		### V0.7.8
		+ Enhance BaseString handling and bug fixed
		* Add support to handle QuerySrting and FormData with null value i.e. { "queryString" : { "param1" : null, "param2" : "" }, "formData" : { "param3" : null, "param4" : "" } }
		* Add support to handle QuerySrting and FormData with empty string i.e. { "queryString" : { "param1" : null, "param2" : "" }, "formData" : { "param3" : null, "param4" : "" } }
		* Add support to handle QuerySrting and FormData with array values i.e. { "queryString" : { "param1" : [ "value1", "value2" ] }, "formData" : { "param3" : [ "value3", "value4" ] } }
		* Add support to handle QuerySrting and FormData with object values i.e. { "queryString" : { "param1" : { "subParam1" : "subvalue2" } }, "formData" : { "param3" : { "subParam3" : "subvalue3" } } }. Please note that param1 and param3 will be send as empty string, and the subvalue will be ignore.
		* Add support to handle URL QuerySrting with empty string value i.e. ?param1=&param2=value2&param3
		* Add support to handle URL QuerySrting with duplicate name parameters i.e. ?param1=&param2=value2&param1=another+item

		- Enhance BaseString handling and bug fixed
		- Add support to handle QuerySrting and FormData with null value i.e. { "queryString" : { "param1" : null, "param2" : "" }, "formData" : { "param3" : null, "param4" : "" } }
		- Add support to handle QuerySrting and FormData with empty string i.e. { "queryString" : { "param1" : null, "param2" : "" }, "formData" : { "param3" : null, "param4" : "" } }
		- Add support to handle QuerySrting and FormData with array values i.e. { "queryString" : { "param1" : [ "value1", "value2" ] }, "formData" : { "param3" : [ "value3", "value4" ] } }
		- Add support to handle QuerySrting and FormData with object values i.e. { "queryString" : { "param1" : { "subParam1" : "subvalue2" } }, "formData" : { "param3" : { "subParam3" : "subvalue3" } } }. Please note that param1 and param3 will be send as empty string, and the subvalue will be ignore.
		- Add support to handle URL QuerySrting with empty string value i.e. ?param1=&param2=value2&param3
		- Add support to handle URL QuerySrting with duplicate name parameters i.e. ?param1=&param2=value2&param1=another+item

		### V0.7.7
		+ Remove nonce node library

		- Remove nonce node library

		### V0.7.6
		+ Update package.json to fix sub-dependency vulnerabilities

		- Update package.json to fix sub-dependency vulnerabilities

		### V0.7.5
		+ Added logic to getSignatureBaseString to generate nonce and timestamp.

		- Added logic to getSignatureBaseString to generate nonce and timestamp.

		### V0.7.4
		+ Prepare for publishing and update package metadata

		- Prepare for publishing and update package metadata

		### V0.7.2
		+ Added default value for realm in getSignatureToken

		- Added default value for realm in getSignatureToken

		### V0.7.1
		+ Add support to handle QueryString as parameter to the getSignatureToken API

		- Add support to handle QueryString as parameter to the getSignatureToken API

		### V0.7.0
		+ Remove ApiSecurityUtil and test class
		+ Refine Readme

		- Remove ApiSecurityUtil and test class
		- Refine Readme

		### V0.6.1
		+ Remove unused validator dependency
		+ Add package-lock json

		- Remove unused validator dependency
		- Add package-lock json

		### V0.6.0
		+ Recompile for Node 8
		+ Update ApiSigningUtil URL interface
		+ Update ApiSigningUtil test specification

		- Recompile for Node 8
		- Update ApiSigningUtil URL interface
		- Update ApiSigningUtil test specification

		### V0.5.0
		+ Allows client to pass in request as an object for ApiSigningUtil
		+ Deprecate getToken interface for ApiSigningUtil
		+ Deprecate ApiSecurityUtil
		+ Update L1 and L2 to more representative method names

		- Allows client to pass in request as an object for ApiSigningUtil
		- Deprecate getToken interface for ApiSigningUtil
		- Deprecate ApiSecurityUtil
		- Update L1 and L2 to more representative method names

		### V0.4.0
		+ Minor improvements and typo fix in index.js

		- Minor improvements and typo fix in index.js

		### V0.4.1
		+ There are now 3 variants to getToken in ApiSigningUtil.js
		+ Typedefs has been added for ApiSigningUtil.js

		- There are now 3 variants to getToken in ApiSigningUtil.js
		- Typedefs has been added for ApiSigningUtil.js

		### V0.4.2
		+ Export typing

		- Export typing

		### V0.3.0
		+ Update superagent version for security patch

		- Update superagent version for security patch

		### V0.2.0
		+ Additional interface , ApiSigningUtil, that take in parameters when forming RSA256 and HMAC256 security signature token

		- Additional interface , ApiSigningUtil, that take in parameters when forming RSA256 and HMAC256 security signature token

		### V0.1.0
		+ Initial release with HMAC256 and RSA256 signing utility





		- Initial release with HMAC256 and RSA256 signing utility

package.json

		{
		"name": "node-apex-api-security",
		"version": "1.0.6",
		"version": "1.0.7",
		"description": "APEX API security utiity. Includes helper operations to generate HMAC-SHA256 and RSA-SHA256 signatures",
		@@ -10,6 +10,6 @@ "main": "index.js",
		"engines": {
		"node": "^10.14.x"
		"node": "^10.16.x"
		},
		"dependencies": {
		"lodash": "^4.17.11",
		"lodash": "^4.17.14",
		"minimist": "^1.2.0",
		@@ -22,11 +22,11 @@ "querystring": "^0.2.0",
		"chai-as-promised": "^7.1.1",
		"coveralls": "^3.0.3",
		"eslint": "^5.16.0",
		"eslint-plugin-import": "^2.17.2",
		"eslint-plugin-node": "^8.0.1",
		"eslint-plugin-promise": "^4.1.1",
		"coveralls": "^3.0.5",
		"eslint": "^6.0.1",
		"eslint-plugin-import": "^2.18.0",
		"eslint-plugin-node": "^9.1.0",
		"eslint-plugin-promise": "^4.2.1",
		"eslint-plugin-security": "^1.4.0",
		"mocha": "^6.1.3",
		"test-suites-apex-api-security": "git+https://github.com/GovTechSG/test-suites-apex-api-security.git",
		"nyc": "^14.0.0"
		"mocha": "^6.1.4",
		"nyc": "^14.1.1",
		"test-suites-apex-api-security": "git+https://github.com/GovTechSG/test-suites-apex-api-security.git#master"
		},
		@@ -33,0 +33,0 @@ "repository": {

node-apex-api-security - npm Package Compare versions

New alerts

Fixed alerts

Improved metrics

Dependency changes