pacote - npm Package Compare versions

Comparing version 2.7.19 to 2.7.20

CHANGELOG.md

@@ -5,2 +5,12 @@ # Change Log
 
+<a name="2.7.20"></a>
+## [2.7.20](https://github.com/zkat/pacote/compare/v2.7.19...v2.7.20) (2017-05-25)
+
+
+### Bug Fixes
+
+* **registry:** encode username and password for auth ([c48b651](https://github.com/zkat/pacote/commit/c48b651))
+
+
+
 <a name="2.7.19"></a>
@@ -7,0 +17,0 @@ ## [2.7.19](https://github.com/zkat/pacote/compare/v2.7.18...v2.7.19) (2017-05-25)

lib/fetchers/registry/fetch.js

@@ -93,5 +93,5 @@ 'use strict'
   } else if (shouldAuth && auth.username && auth.password) {
-    const encoded = Buffer.from(
-      `${auth.username}:${auth.password}`, 'utf8'
-    ).toString('base64')
+    const username = encodeURIComponent(auth.username)
+    const password = encodeURIComponent(auth.password)
+    const encoded = Buffer.from(`${username}:${password}`).toString('base64')
     headers.authorization = `Basic ${encoded}`
@@ -98,0 +98,0 @@ }

package.json

 {
   "name": "pacote",
-  "version": "2.7.19",
+  "version": "2.7.20",
   "description": "JavaScript package downloader",
@@ -5,0 +5,0 @@ "main": "index.js",

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

78021

increased by0.41%

No dependency changes