prerender - npm Package Compare versions

Comparing version 5.20.2 to 5.20.3

CHANGELOG.md

@@ -5,2 +5,7 @@ # Change Log
 
+## 5.20.3 - 2024-04-17
+### Changed
+- Add `proxyServer` option to allow for a proxy server to be used by Headless Chrome
+- Add `extraChromeFlags` option to add additional Chrome flags without overriding the default flags
+
 ## 5.20.2 - 2023-03-01
@@ -7,0 +12,0 @@ - Add `x-prerender-render-id` and `x-prerender-render-at` meta tags to header

lib/browsers/chrome.js

@@ -35,3 +35,3 @@ const CDP = require('chrome-remote-interface');
 
-		this.chromeChild = spawn(location, this.options.chromeFlags || [
+		const chromeFlags = this.options.chromeFlags || [
 			'--headless',
@@ -41,4 +41,11 @@ '--disable-gpu',
 			'--hide-scrollbars',
-		]);
+		];
 
+		if (!this.options.chromeFlags) {
+			if (this.options.extraChromeFlags) chromeFlags = chromeFlags.concat(this.options.extraChromeFlags);
+			if (this.options.proxyServer) chromeFlags.push('--proxy-server=' + this.options.proxyServer);
+		}
+
+		this.chromeChild = spawn(location, chromeFlags, {shell: true});
+
 		resolve();
@@ -45,0 +52,0 @@ });

package.json

@@ -5,3 +5,3 @@ {
   "description": "Service to prerender Javascript rendered pages for SEO",
-  "version": "5.20.2",
+  "version": "5.20.3",
   "license": "MIT",
@@ -32,2 +32,2 @@ "repository": {
   }
-}
+}

New alerts

Network access

Supply chain risk

This module accesses the network.

Found 2 instances in 1 package

Shell access

Supply chain risk

This module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 19 instances in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

URL strings

Supply chain risk

Package contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.

Found 1 instance in 1 package

Fixed alerts

Network access

Supply chain risk

This module accesses the network.

Found 2 instances in 1 package

Shell access

Supply chain risk

This module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 19 instances in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

AI-detected potential code anomaly

Supply chain risk

AI has identified unusual behaviors that may pose a security risk.

Found 1 instance in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

URL strings

Supply chain risk

Package contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

92106

0.56%

Lines of code

1641

0.31%

Number of low supply chain risk alerts

25

-3.85%

No dependency changes