nodecaf - npm Package Compare versions

Comparing version 0.13.3-rc1 to 0.13.3

lib/api.js

 const assert = require('assert');
-const { METHODS } = require('http');
+const METHODS = [
+    'GET',
+    'POST',
+    'PUT',
+    'PATCH',
+    'DELETE',
+    'HEAD',
+    'OPTIONS'
+];
 const cookieSignature = require('cookie-signature');
@@ -8,2 +16,3 @@
 const { getDecoratedBody } = require('./body');
+const { cors } = require('./cors');
 
@@ -20,3 +29,3 @@ function pathToRegexp(path){
             r.params.push(seg.substr(1));
-            regexp += '\\/([\\w\\d\\-\\._~]+)';
+            regexp += '\\/([\\%\\w\\d\\-\\._~]+)';
             return;
@@ -43,3 +52,3 @@ }
             if(match){
-                r.params.forEach( (p, i) => params[p] = match[i + 1]);
+                r.params.forEach( (p, i) => params[p] = decodeURIComponent(match[i + 1]));
                 return r.handler;
@@ -126,5 +135,13 @@ }
 
+        const signedCookies = {};
+        const signedCookiesProxy = new Proxy(signedCookies, {
+            get(target, p){
+                app.log.warn('`signedCookies` is deprecated. This option will be dropped on `v0.14.0`. Signed cookies must be handled manually instead.');
+                return target[p];
+            }
+        });
+
         input = {
             ...app.global, conf: app.conf, cookies: {}, headers: {}, query: {},
-            ...input, params, log: app.log, signedCookies: {}, method, path
+            ...input, params, log: app.log, signedCookies: signedCookiesProxy, method, path
         };
@@ -152,2 +169,6 @@
 
+        cors(app.conf.cors, method, input.headers, res);
+        if(res.finished)
+            return Promise.resolve(res);
+
         try{
@@ -154,0 +175,0 @@ res.notFound(!handler);

lib/http.js

@@ -1,2 +0,2 @@
-const cookie = require('cookie');
+const cookie = require('./cookie');
 const { buildWebSocketServer } = require('./ws');
@@ -8,7 +8,2 @@ const normalizePath = p => (p.slice(-1) == '/' ? p.slice(0, -1) : p) || '/';
 
-    if(req.method == 'OPTIONS')
-        return this._cors(req, res);
-    else if(this.conf.cors)
-        await new Promise(done => this._cors(req, res, done));
-
     const [ path, query ] = req.url.split('?');
@@ -27,3 +22,4 @@
         const handler = handleRequest.bind(this);
-        this._server = this._serverBuilder(this).on('request', handler);
+        const builder = this._serverBuilder ?? (() => require('http').createServer());
+        this._server = builder(this).on('request', handler);
         await new Promise(done => this._server.listen(this.conf.port, done));
@@ -30,0 +26,0 @@ this.log.info({ type: 'server' },

lib/main.d.ts

@@ -40,2 +40,5 @@ import { Server, ServerResponse, IncomingMessage } from 'http'
         maxAge?: number,
+        /**
+         * @deprecated Setting `signed` cookies is deprecated. This option will be dropped on `v0.14.0`. Cookie signing must be done manually instead. 
+         */
         signed?: boolean,
@@ -126,5 +129,8 @@ path?: string,
         conf: ConfObject,
-        /** Object containing the request unsigned cookies as key-values. */
+        /** Object containing the request cookies as key-values. */
         cookies: Record<string, string>,
-        /** Object containing the request signed cookies as key-values. */
+        /** 
+         * Object containing the request signed cookies as key-values. 
+         * @deprecated `signedCookies` is deprecated. This option will be dropped on `v0.14.0`. Signed cookies must be handled manually instead.
+         **/
         signedCookies: Record<string, string>,
@@ -131,0 +137,0 @@ /** Object containing params parsed from URL segments as key-values. */

lib/main.js

 const
-    http = require('http'),
-    cors = require('cors'),
     Logger = require('golog'),
@@ -36,3 +34,3 @@ assert = require('assert'),
     this._shutdown = opts.shutdown;
-    this._serverBuilder = opts.server ?? (() => http.createServer());
+    this._serverBuilder = opts.server;
 
@@ -52,3 +50,3 @@ const { name, version } = findPkgInfo();
 
-    assert(typeof this._serverBuilder == 'function',
+    assert(!opts.server || typeof this._serverBuilder == 'function',
         new TypeError('Server builder must be a function'));
@@ -79,3 +77,2 @@ }
         this.conf = confort(this.conf, ...objectOrPath);
-        this._cors = cors(this.conf.cors);
 
@@ -144,3 +141,2 @@ this.conf.log = this.conf.log ?? {};
             await actualHTTPClose;
-            delete this.global;
             this.log.info({ type: 'app' }, 'Stopped');
@@ -227,5 +223,3 @@ this.state = 'standby';
 
-const METHODS = [
-    'get', 'post', 'head', 'delete', 'put', 'patch', 'options', 'connect', 'trace'
-];
+const METHODS = [ 'get', 'post', 'delete', 'put', 'patch' ];
 
@@ -232,0 +226,0 @@ METHODS.forEach(m => module.exports[m] = function(path, handler, opts){

lib/response.js

 const { sign } = require('cookie-signature');
-const cookie = require('cookie');
+const cookie = require('./cookie');
 const { format } = require('util');
@@ -78,2 +78,6 @@
 
+    get(k){
+        return this.headers[k.toLowerCase()];
+    },
+
     set(k, v){
@@ -122,7 +126,5 @@ this.setHeader?.(k, v);
     cookie(name, value, opts = {}) {
-        opts = { ...opts };
-        opts.path = opts.path || '/';
+        if(opts.signed)
+            this.input.log.warn('Setting `signed` cookies is deprecated. This option will be dropped on `v0.14.0`. Cookie signing must be done manually instead.');
 
-        value = String(value);
-
         if(value && opts.signed && !this.input.conf.cookie?.secret)
@@ -133,8 +135,3 @@ throw new Error('Trying to sign cookies when secret is not defined');
             value = sign(value, this.input.conf.cookie.secret);
-
-        if('maxAge' in opts) {
-            opts.expires = new Date(Date.now() + opts.maxAge);
-            opts.maxAge /= 1000;
-        }
-
+  
         this.append('Set-Cookie', cookie.serialize(name, value, opts));
@@ -141,0 +138,0 @@

lib/ws.js

@@ -1,4 +0,3 @@
-const cookie = require('cookie');
+const cookie = require('./cookie');
 const { WebSocketServer } = require('ws');
-const { ServerResponse } = require('http');
 const normalizePath = p => (p.slice(-1) == '/' ? p.slice(0, -1) : p) || '/';
@@ -27,2 +26,3 @@
 
+    const { ServerResponse } = require('http');
     const res = new ServerResponse(req);
@@ -29,0 +29,0 @@ const [ path, query ] = req.url.split('?');

package.json

 {
     "name": "nodecaf",
-    "version": "0.13.3-rc1",
+    "version": "0.13.3",
     "description": "Nodecaf is a light framework for developing RESTful Apps in a quick and convenient manner.",
@@ -42,5 +42,3 @@ "main": "lib/main.js",
         "confort": "^0.2.1",
-        "cookie": "^0.5.0",
         "cookie-signature": "^1.1.0",
-        "cors": "^2.8.5",
         "golog": "^0.5.0",
@@ -50,5 +48,5 @@ "ws": "^8.7.0"
     "devDependencies": {
-        "muhb": "^3.1.1",
+        "muhb": "^3.1.2",
         "toml": "^3.0.0"
     }
 }

README.md

@@ -0,0 +0,0 @@ # [Nodecaf](https://gitlab.com/GCSBOSS/nodecaf)

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

62879

increased by7.88%

Dependency count

4

decreased by-33.33%

Number of package files

15

increased by7.14%

Lines of code

1187

increased by16.26%

Number of medium supply chain risk alerts

2

decreased by-33.33%

Dependency changes

• - Removedcookie@^0.5.0

• - Removedcors@^2.8.5

• - Removedcookie@0.5.0(transitive)

• - Removedcors@2.8.5(transitive)

• - Removedobject-assign@4.1.1(transitive)

• - Removedvary@1.1.2(transitive)