postman-request - npm Package Compare versions

Comparing version 2.88.1-postman.33 to 2.88.1-postman.34

index.js

@@ -17,3 +17,2 @@ // Copyright 2010-2012 Mikeal Rogers
 
-var tls = require('tls')
 var extend = require('extend')
@@ -135,88 +134,2 @@ var cookies = require('./lib/cookies')
 
-// As of now (Node v10.x LTS), the only way to extend the well known "root" CA
-// is by using an environment variable called `NODE_EXTRA_CA_CERTS`.
-// This function enables the same functionality and provides a programmatic way
-// to extend the CA certificates.
-// Refer: https://nodejs.org/docs/latest-v10.x/api/cli.html#cli_node_extra_ca_certs_file
-//
-// @note Unlike NODE_EXTRA_CA_CERTS, this method extends the CA for every
-// request sent and since its an expensive operation its advised to use a
-// keepAlive agent(agentOptions.keepAlive: true) when this is enabled.
-//
-//   Benchmarks using a local server:
-//     NODE_EXTRA_CA_CERTS (keepAlive: false) : 422 ops/sec ±1.73% (77 runs sampled)
-//     NODE_EXTRA_CA_CERTS (keepAlive: true)  : 2,096 ops/sec ±4.23% (69 runs sampled)
-//
-//     enableNodeExtraCACerts (keepAlive: false) : 331 ops/sec ±5.64% (77 runs sampled)
-//     enableNodeExtraCACerts (keepAlive: true)  : 2,045 ops/sec ±5.20% (69 runs sampled)
-//
-// @note Enabling this will override the singleton `tls.createSecureContext` method
-// which will be affected for every request sent (using native HTTPS etc.) on the
-// same process. BUT, this will only be effective when `extraCA` option is
-// passed to `tls.createSecureContext`, which is limited to this library.
-request.enableNodeExtraCACerts = function (callback) {
-  // @note callback is optional to catch missing tls method
-  !callback && (callback = function () {})
-
-  // bail out if already enabled
-  if (tls.__createSecureContext) {
-    return callback()
-  }
-
-  // enable only if `SecureContext.addCACert` is present
-  // otherwise return callback with error.
-  // @note try-catch is used to make sure testing this will not break
-  // the main process due to OpenSSL error.
-  try {
-    var testContext = tls.createSecureContext()
-
-    if (!(testContext && testContext.context &&
-        typeof testContext.context.addCACert === 'function')) {
-      return callback(new Error('SecureContext.addCACert is not a function'))
-    }
-  } catch (err) {
-    return callback(err)
-  }
-
-  // store the original tls.createSecureContext method.
-  // used to extend existing functionality as well as restore later.
-  tls.__createSecureContext = tls.createSecureContext
-
-  // override tls.createSecureContext with extraCA support
-  // @note if agent is keepAlive, same context will be reused.
-  tls.createSecureContext = function () {
-    // call original createSecureContext and store the context
-    var secureContext = tls.__createSecureContext.apply(this, arguments)
-
-    // if `extraCA` is present in options, extend CA certs
-    // @note this request option is available here because all the
-    // Request properties are passed to HTTPS Agent.
-    if (arguments[0] && arguments[0].extraCA) {
-      // extend root CA with specified CA certificates
-      // @note `addCACert` is an undocumented API and performs an expensive operations
-      // Refer: https://github.com/nodejs/node/blob/v10.15.1/lib/_tls_common.js#L97
-      secureContext.context.addCACert(arguments[0].extraCA)
-    }
-
-    return secureContext
-  }
-
-  // enabled extra CA support
-  return callback()
-}
-
-// disable the extended CA certificates feature
-request.disableNodeExtraCACerts = function () {
-  // bail out if not enabled
-  if (typeof tls.__createSecureContext !== 'function') {
-    return
-  }
-
-  // reset `tls.createSecureContext` with the original method
-  tls.createSecureContext = tls.__createSecureContext
-
-  // delete the reference of original method
-  delete tls.__createSecureContext
-}
-
 // Exports
@@ -223,0 +136,0 @@

package.json

@@ -10,3 +10,3 @@ {
   ],
-  "version": "2.88.1-postman.33",
+  "version": "2.88.1-postman.34",
   "repository": {
@@ -13,0 +13,0 @@ "type": "git",

README.md

@@ -812,3 +812,3 @@
 
-When this feature is enabled, the root CAs can be extended using the `extraCA` option. The file should consist of one or more trusted certificates in PEM format.
+The root CAs can be extended using the `extraCA` option. The file should consist of one or more trusted certificates in PEM format.
 
@@ -818,5 +818,2 @@ This is similar to [NODE_EXTRA_CA_CERTS](https://nodejs.org/api/cli.html#cli_node_extra_ca_certs_file). But, if `options.ca` is specified, those will be extended as well.
 ```js
-// enable extending CAs
-request.enableNodeExtraCACerts();
-
 // request with extra CA certs
@@ -827,6 +824,2 @@ request.get({
 });
-
-// disable this feature
-request.disableNodeExtraCACerts()
-
 ```
@@ -833,0 +826,0 @@

request.js

@@ -642,3 +642,8 @@ 'use strict'
   } else {
-    self.agent = self.agent || self.getNewAgent()
+    try {
+      self.agent = self.agent || self.getNewAgent()
+    } catch (error) {
+      // tls.createSecureContext() throws on bad options
+      return self.emit('error', error)
+    }
   }
@@ -828,3 +833,3 @@
     // only add when NodeExtraCACerts is enabled
-    if (tls.__createSecureContext && options.extraCA) {
+    if (options.extraCA) {
       if (poolKey) {
@@ -834,2 +839,7 @@ poolKey += ':'
       poolKey += options.extraCA
+
+      // Create a new secure context to add the extra CA
+      var secureContext = tls.createSecureContext(options)
+      secureContext.context.addCACert(options.extraCA)
+      options.secureContext = secureContext
     }
@@ -836,0 +846,0 @@

No alert changes

Improved metrics

Number of medium supply chain risk alerts

4

decreased by-20%

Worsened metrics

Total package byte prevSize

172333

decreased by-29.41%

Number of package files

19

decreased by-5%

Lines of code

3223

decreased by-2.01%

Number of lines in readme file

1276

decreased by-0.55%

No dependency changes