node-fetch - npm Package Compare versions

Comparing version 2.6.0 to 2.6.1

browser.js

@@ -19,3 +19,5 @@ "use strict";
 // Needed for TypeScript and Webpack.
-exports.default = global.fetch.bind(global);
+if (global.fetch) {
+	exports.default = global.fetch.bind(global);
+}
 
@@ -22,0 +24,0 @@ exports.Headers = global.Headers;

CHANGELOG.md

@@ -8,2 +8,8 @@
 
+## v2.6.1
+
+**This is an important security release. It is strongly recommended to update as soon as possible.**
+
+- Fix: honor the `size` option after following a redirect.
+
 ## v2.6.0
@@ -10,0 +16,0 @@

lib/index.es.js

@@ -464,2 +464,8 @@ process.emitWarning("The .es.js file is deprecated. Use .mjs instead.");
 		res = /<meta[\s]+?http-equiv=(['"])content-type\1[\s]+?content=(['"])(.+?)\2/i.exec(str);
+		if (!res) {
+			res = /<meta[\s]+?content=(['"])(.+?)\1[\s]+?http-equiv=(['"])content-type\3/i.exec(str);
+			if (res) {
+				res.pop(); // drop last quote
+			}
+		}
 
@@ -1472,3 +1478,3 @@ if (res) {
 					case 'error':
-						reject(new FetchError(`redirect mode is set to error: ${request.url}`, 'no-redirect'));
+						reject(new FetchError(`uri requested responds with a redirect, redirect mode is set to error: ${request.url}`, 'no-redirect'));
 						finalize();
@@ -1512,3 +1518,4 @@ return;
 							signal: request.signal,
-							timeout: request.timeout
+							timeout: request.timeout,
+							size: request.size
 						};
@@ -1515,0 +1522,0 @@

lib/index.js

@@ -468,2 +468,8 @@ 'use strict';
 		res = /<meta[\s]+?http-equiv=(['"])content-type\1[\s]+?content=(['"])(.+?)\2/i.exec(str);
+		if (!res) {
+			res = /<meta[\s]+?content=(['"])(.+?)\1[\s]+?http-equiv=(['"])content-type\3/i.exec(str);
+			if (res) {
+				res.pop(); // drop last quote
+			}
+		}
 
@@ -1476,3 +1482,3 @@ if (res) {
 					case 'error':
-						reject(new FetchError(`redirect mode is set to error: ${request.url}`, 'no-redirect'));
+						reject(new FetchError(`uri requested responds with a redirect, redirect mode is set to error: ${request.url}`, 'no-redirect'));
 						finalize();
@@ -1516,3 +1522,4 @@ return;
 							signal: request.signal,
-							timeout: request.timeout
+							timeout: request.timeout,
+							size: request.size
 						};
@@ -1519,0 +1526,0 @@

package.json

 {
-  "name": "node-fetch",
-  "version": "2.6.0",
-  "description": "A light-weight module that brings window.fetch to node.js",
-  "main": "lib/index",
-  "browser": "./browser.js",
-  "module": "lib/index.mjs",
-  "files": [
-    "lib/index.js",
-    "lib/index.mjs",
-    "lib/index.es.js",
-    "browser.js"
-  ],
-  "engines": {
-    "node": "4.x || >=6.0.0"
-  },
-  "scripts": {
-    "build": "cross-env BABEL_ENV=rollup rollup -c",
-    "prepare": "npm run build",
-    "test": "cross-env BABEL_ENV=test mocha --require babel-register --throw-deprecation test/test.js",
-    "report": "cross-env BABEL_ENV=coverage nyc --reporter lcov --reporter text mocha -R spec test/test.js",
-    "coverage": "cross-env BABEL_ENV=coverage nyc --reporter json --reporter text mocha -R spec test/test.js && codecov -f coverage/coverage-final.json"
-  },
-  "repository": {
-    "type": "git",
-    "url": "https://github.com/bitinn/node-fetch.git"
-  },
-  "keywords": [
-    "fetch",
-    "http",
-    "promise"
-  ],
-  "author": "David Frank",
-  "license": "MIT",
-  "bugs": {
-    "url": "https://github.com/bitinn/node-fetch/issues"
-  },
-  "homepage": "https://github.com/bitinn/node-fetch",
-  "devDependencies": {
-    "@ungap/url-search-params": "^0.1.2",
-    "abort-controller": "^1.1.0",
-    "abortcontroller-polyfill": "^1.3.0",
-    "babel-core": "^6.26.3",
-    "babel-plugin-istanbul": "^4.1.6",
-    "babel-preset-env": "^1.6.1",
-    "babel-register": "^6.16.3",
-    "chai": "^3.5.0",
-    "chai-as-promised": "^7.1.1",
-    "chai-iterator": "^1.1.1",
-    "chai-string": "~1.3.0",
-    "codecov": "^3.3.0",
-    "cross-env": "^5.2.0",
-    "form-data": "^2.3.3",
-    "is-builtin-module": "^1.0.0",
-    "mocha": "^5.0.0",
-    "nyc": "11.9.0",
-    "parted": "^0.1.1",
-    "promise": "^8.0.3",
-    "resumer": "0.0.0",
-    "rollup": "^0.63.4",
-    "rollup-plugin-babel": "^3.0.7",
-    "string-to-arraybuffer": "^1.0.2",
-    "whatwg-url": "^5.0.0"
-  },
-  "dependencies": {}
+    "name": "node-fetch",
+    "version": "2.6.1",
+    "description": "A light-weight module that brings window.fetch to node.js",
+    "main": "lib/index",
+    "browser": "./browser.js",
+    "module": "lib/index.mjs",
+    "files": [
+        "lib/index.js",
+        "lib/index.mjs",
+        "lib/index.es.js",
+        "browser.js"
+    ],
+    "engines": {
+        "node": "4.x || >=6.0.0"
+    },
+    "scripts": {
+        "build": "cross-env BABEL_ENV=rollup rollup -c",
+        "prepare": "npm run build",
+        "test": "cross-env BABEL_ENV=test mocha --require babel-register --throw-deprecation test/test.js",
+        "report": "cross-env BABEL_ENV=coverage nyc --reporter lcov --reporter text mocha -R spec test/test.js",
+        "coverage": "cross-env BABEL_ENV=coverage nyc --reporter json --reporter text mocha -R spec test/test.js && codecov -f coverage/coverage-final.json"
+    },
+    "repository": {
+        "type": "git",
+        "url": "https://github.com/bitinn/node-fetch.git"
+    },
+    "keywords": [
+        "fetch",
+        "http",
+        "promise"
+    ],
+    "author": "David Frank",
+    "license": "MIT",
+    "bugs": {
+        "url": "https://github.com/bitinn/node-fetch/issues"
+    },
+    "homepage": "https://github.com/bitinn/node-fetch",
+    "devDependencies": {
+        "@ungap/url-search-params": "^0.1.2",
+        "abort-controller": "^1.1.0",
+        "abortcontroller-polyfill": "^1.3.0",
+        "babel-core": "^6.26.3",
+        "babel-plugin-istanbul": "^4.1.6",
+        "babel-preset-env": "^1.6.1",
+        "babel-register": "^6.16.3",
+        "chai": "^3.5.0",
+        "chai-as-promised": "^7.1.1",
+        "chai-iterator": "^1.1.1",
+        "chai-string": "~1.3.0",
+        "codecov": "^3.3.0",
+        "cross-env": "^5.2.0",
+        "form-data": "^2.3.3",
+        "is-builtin-module": "^1.0.0",
+        "mocha": "^5.0.0",
+        "nyc": "11.9.0",
+        "parted": "^0.1.1",
+        "promise": "^8.0.3",
+        "resumer": "0.0.0",
+        "rollup": "^0.63.4",
+        "rollup-plugin-babel": "^3.0.7",
+        "string-to-arraybuffer": "^1.0.2",
+        "whatwg-url": "^5.0.0"
+    },
+    "dependencies": {}
 }

README.md

@@ -8,2 +8,3 @@ node-fetch
 [![install size][install-size-image]][install-size-url]
+[![Discord][discord-image]][discord-url]
 
@@ -14,2 +15,4 @@ A light-weight module that brings `window.fetch` to Node.js
 
+[![Backers][opencollective-image]][opencollective-url]
+
 <!-- TOC -->
@@ -53,3 +56,3 @@
 
-Instead of implementing `XMLHttpRequest` in Node.js to run browser-specific [Fetch polyfill](https://github.com/github/fetch), why not go from native `http` to `fetch` API directly? Hence `node-fetch`, minimal code for a `window.fetch` compatible API on Node.js runtime.
+Instead of implementing `XMLHttpRequest` in Node.js to run browser-specific [Fetch polyfill](https://github.com/github/fetch), why not go from native `http` to `fetch` API directly? Hence, `node-fetch`, minimal code for a `window.fetch` compatible API on Node.js runtime.
 
@@ -62,5 +65,5 @@ See Matt Andrews' [isomorphic-fetch](https://github.com/matthew-andrews/isomorphic-fetch) or Leonardo Quixada's [cross-fetch](https://github.com/lquixada/cross-fetch) for isomorphic usage (exports `node-fetch` for server-side, `whatwg-fetch` for client-side).
 - Make conscious trade-off when following [WHATWG fetch spec][whatwg-fetch] and [stream spec](https://streams.spec.whatwg.org/) implementation details, document known differences.
-- Use native promise, but allow substituting it with [insert your favorite promise library].
-- Use native Node streams for body, on both request and response.
-- Decode content encoding (gzip/deflate) properly, and convert string output (such as `res.text()` and `res.json()`) to UTF-8 automatically.
+- Use native promise but allow substituting it with [insert your favorite promise library].
+- Use native Node streams for body on both request and response.
+- Decode content encoding (gzip/deflate) properly and convert string output (such as `res.text()` and `res.json()`) to UTF-8 automatically.
 - Useful extensions such as timeout, redirect limit, response size limit, [explicit errors](ERROR-HANDLING.md) for troubleshooting.
@@ -79,7 +82,7 @@
 ```sh
-$ npm install node-fetch --save
+$ npm install node-fetch
 ```
 
 ## Loading and configuring the module
-We suggest you load the module via `require`, pending the stabalizing of es modules in node:
+We suggest you load the module via `require` until the stabilization of ES modules in node:
 ```js
@@ -89,3 +92,3 @@ const fetch = require('node-fetch');
 
-If you are using a Promise library other than native, set it through fetch.Promise:
+If you are using a Promise library other than native, set it through `fetch.Promise`:
 ```js
@@ -99,3 +102,3 @@ const Bluebird = require('bluebird');
 
-NOTE: The documentation below is up-to-date with `2.x` releases, [see `1.x` readme](https://github.com/bitinn/node-fetch/blob/1.x/README.md), [changelog](https://github.com/bitinn/node-fetch/blob/1.x/CHANGELOG.md) and [2.x upgrade guide](UPGRADE-GUIDE.md) for the differences.
+NOTE: The documentation below is up-to-date with `2.x` releases; see the [`1.x` readme](https://github.com/bitinn/node-fetch/blob/1.x/README.md), [changelog](https://github.com/bitinn/node-fetch/blob/1.x/CHANGELOG.md) and [2.x upgrade guide](UPGRADE-GUIDE.md) for the differences.
 
@@ -156,5 +159,5 @@ #### Plain text or HTML
 #### Handling exceptions
-NOTE: 3xx-5xx responses are *NOT* exceptions, and should be handled in `then()`, see the next section.
+NOTE: 3xx-5xx responses are *NOT* exceptions and should be handled in `then()`; see the next section for more information.
 
-Adding a catch to the fetch promise chain will catch *all* exceptions, such as errors originating from node core libraries, like network errors, and operational errors which are instances of FetchError. See the [error handling document](ERROR-HANDLING.md)  for more details.
+Adding a catch to the fetch promise chain will catch *all* exceptions, such as errors originating from node core libraries, network errors and operational errors, which are instances of FetchError. See the [error handling document](ERROR-HANDLING.md)  for more details.
 
@@ -197,3 +200,3 @@ ```js
 #### Buffer
-If you prefer to cache binary data in full, use buffer(). (NOTE: buffer() is a `node-fetch` only API)
+If you prefer to cache binary data in full, use buffer(). (NOTE: `buffer()` is a `node-fetch`-only API)
 
@@ -223,3 +226,3 @@ ```js
 
-Unlike browsers, you can access raw `Set-Cookie` headers manually using `Headers.raw()`, this is a `node-fetch` only API.
+Unlike browsers, you can access raw `Set-Cookie` headers manually using `Headers.raw()`. This is a `node-fetch` only API.
 
@@ -276,7 +279,7 @@ ```js
 
-> NOTE: You may only cancel streamed requests on Node >= v8.0.0
+> NOTE: You may cancel streamed requests only on Node >= v8.0.0
 
 You may cancel requests with `AbortController`. A suggested implementation is [`abort-controller`](https://www.npmjs.com/package/abort-controller).
 
-An example of timing out a request after 150ms could be achieved as follows:
+An example of timing out a request after 150ms could be achieved as the following:
 
@@ -322,3 +325,3 @@ ```js
 
-`url` should be an absolute url, such as `https://example.com/`. A path-relative URL (`/file/under/root`) or protocol-relative URL (`//can-be-http-or-https.com/`) will result in a rejected promise.
+`url` should be an absolute url, such as `https://example.com/`. A path-relative URL (`/file/under/root`) or protocol-relative URL (`//can-be-http-or-https.com/`) will result in a rejected `Promise`.
 
@@ -365,3 +368,3 @@ <a id="fetch-options"></a>
 
-The `agent` option allows you to specify networking related options that's out of the scope of Fetch. Including and not limit to:
+The `agent` option allows you to specify networking related options which are out of the scope of Fetch, including and not limited to the following:
 
@@ -374,3 +377,3 @@ - Support self-signed certificate
 
-In addition, `agent` option accepts a function that returns http(s).Agent instance given current [URL](https://nodejs.org/api/url.html), this is useful during a redirection chain across HTTP and HTTPS protocol.
+In addition, the `agent` option accepts a function that returns `http`(s)`.Agent` instance given current [URL](https://nodejs.org/api/url.html), this is useful during a redirection chain across HTTP and HTTPS protocol.
 
@@ -449,3 +452,3 @@ ```js
 
-- `body` A string or [Readable stream][node-readable]
+- `body` A `String` or [`Readable` stream][node-readable]
 - `options` A [`ResponseInit`][response-init] options dictionary
@@ -480,3 +483,3 @@
 
-Construct a new `Headers` object. `init` can be either `null`, a `Headers` object, an key-value map object, or any iterable object.
+Construct a new `Headers` object. `init` can be either `null`, a `Headers` object, an key-value map object or any iterable object.
 
@@ -522,3 +525,3 @@ ```js
 
-The data encapsulated in the `Body` object. Note that while the [Fetch Standard][whatwg-fetch] requires the property to always be a WHATWG `ReadableStream`, in node-fetch it is a Node.js [`Readable` stream][node-readable].
+Data are encapsulated in the `Body` object. Note that while the [Fetch Standard][whatwg-fetch] requires the property to always be a WHATWG `ReadableStream`, in node-fetch it is a Node.js [`Readable` stream][node-readable].
 
@@ -531,3 +534,3 @@ #### body.bodyUsed
 
-A boolean property for if this body has been consumed. Per spec, a consumed body cannot be used again.
+A boolean property for if this body has been consumed. Per the specs, a consumed body cannot be used again.
 
@@ -559,5 +562,5 @@ #### body.arrayBuffer()
 
-Identical to `body.text()`, except instead of always converting to UTF-8, encoding sniffing will be performed and text converted to UTF-8, if possible.
+Identical to `body.text()`, except instead of always converting to UTF-8, encoding sniffing will be performed and text converted to UTF-8 if possible.
 
-(This API requires an optional dependency on npm package [encoding](https://www.npmjs.com/package/encoding), which you need to install manually. `webpack` users may see [a warning message](https://github.com/bitinn/node-fetch/issues/412#issuecomment-379007792) due to this optional dependency.)
+(This API requires an optional dependency of the npm package [encoding](https://www.npmjs.com/package/encoding), which you need to install manually. `webpack` users may see [a warning message](https://github.com/bitinn/node-fetch/issues/412#issuecomment-379007792) due to this optional dependency.)
 
@@ -596,2 +599,6 @@ <a id="class-fetcherror"></a>
 [install-size-url]: https://packagephobia.now.sh/result?p=node-fetch
+[discord-image]: https://img.shields.io/discord/619915844268326952?color=%237289DA&label=Discord&style=flat-square
+[discord-url]: https://discord.gg/Zxbndcm
+[opencollective-image]: https://opencollective.com/node-fetch/backers.svg
+[opencollective-url]: https://opencollective.com/node-fetch
 [whatwg-fetch]: https://fetch.spec.whatwg.org/
@@ -598,0 +605,0 @@ [response-init]: https://fetch.spec.whatwg.org/#responseinit

No alert changes

Improved metrics

Total package byte prevSize

157766

increased by0.99%

Lines of code

4270

increased by0.54%

Number of lines in readme file

591

increased by1.2%

No dependency changes