🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more →
randombytes
Advanced tools
randombytes - npm Package Compare versions
Comparing version 2.0.1 to 2.0.2
@@ -1,28 +0,35 @@ | ||
| 'use strict'; | ||
| 'use strict' | ||
| function oldBrowser () { | ||
| throw new Error('secure random number generation not supported by this browser\nuse chrome, FireFox or Internet Explorer 11') | ||
| } | ||
| var crypto = global.crypto || global.msCrypto | ||
| if(crypto && crypto.getRandomValues) { | ||
| module.exports = randomBytes; | ||
| if (crypto && crypto.getRandomValues) { | ||
| module.exports = randomBytes | ||
| } else { | ||
| module.exports = oldBrowser; | ||
| module.exports = oldBrowser | ||
| } | ||
| function randomBytes(size, cb) { | ||
| var bytes = new Buffer(size); //in browserify, this is an extended Uint8Array | ||
| /* This will not work in older browsers. | ||
| * See https://developer.mozilla.org/en-US/docs/Web/API/window.crypto.getRandomValues | ||
| */ | ||
| crypto.getRandomValues(bytes); | ||
| function randomBytes (size, cb) { | ||
| // phantomjs needs to throw | ||
| if (size > 65536) throw new Error('requested too many random bytes') | ||
| // in case browserify isn't using the Uint8Array version | ||
| var rawBytes = new global.Uint8Array(size) | ||
| // This will not work in older browsers. | ||
| // See https://developer.mozilla.org/en-US/docs/Web/API/window.crypto.getRandomValues | ||
| crypto.getRandomValues(rawBytes) | ||
| // phantomjs doesn't like a buffer being passed here | ||
| var bytes = new Buffer(rawBytes.buffer) | ||
| if (typeof cb === 'function') { | ||
| return process.nextTick(function () { | ||
| cb(null, bytes); | ||
| }); | ||
| cb(null, bytes) | ||
| }) | ||
| } | ||
| return bytes; | ||
| return bytes | ||
| } | ||
| function oldBrowser() { | ||
| throw new Error( | ||
| 'secure random number generation not supported by this browser\n'+ | ||
| 'use chrome, FireFox or Internet Explorer 11' | ||
| ) | ||
| } |
@@ -1,1 +0,1 @@ | ||
| module.exports = require('crypto').randomBytes; | ||
| module.exports = require('crypto').randomBytes |
| { | ||
| "name": "randombytes", | ||
| "version": "2.0.1", | ||
| "version": "2.0.2", | ||
| "description": "random bytes from browserify stand alone", | ||
| "main": "index.js", | ||
| "scripts": { | ||
| "test": "node test.js | tspec" | ||
| "test": "standard && node test.js | tspec", | ||
| "phantom": "zuul --phantom -- test.js", | ||
| "local": "zuul --local --no-coverage -- test.js" | ||
| }, | ||
@@ -25,5 +27,8 @@ "repository": { | ||
| "devDependencies": { | ||
| "phantomjs": "^1.9.9", | ||
| "standard": "^3.3.0", | ||
| "tap-spec": "^2.1.2", | ||
| "tape": "^3.0.3" | ||
| "tape": "^3.0.3", | ||
| "zuul": "^3.7.2" | ||
| } | ||
| } |
70
test.js
@@ -1,33 +0,49 @@ | ||
| var test = require("tape"); | ||
| var randomBytes = require('./'); | ||
| var test = require('tape') | ||
| var randomBytes = require('./') | ||
| test('sync', function (t) { | ||
| t.plan(3); | ||
| t.equals(randomBytes(3).length, 3, 'len: ' + 3); | ||
| t.equals(randomBytes(30).length, 30, 'len: ' + 30); | ||
| t.equals(randomBytes(300).length, 300, 'len: ' + 300); | ||
| }); | ||
| t.plan(3) | ||
| t.equals(randomBytes(3).length, 3, 'len: ' + 3) | ||
| t.equals(randomBytes(30).length, 30, 'len: ' + 30) | ||
| t.equals(randomBytes(300).length, 300, 'len: ' + 300) | ||
| }) | ||
| test('async', function (t) { | ||
| t.plan(3); | ||
| randomBytes(3, function (err, resp) { | ||
| t.equals(resp.length, 3, 'len: ' + 3); | ||
| }); | ||
| randomBytes(30, function (err, resp) { | ||
| t.equals(resp.length, 30, 'len: ' + 30); | ||
| }); | ||
| randomBytes(300, function (err, resp) { | ||
| t.equals(resp.length, 300, 'len: ' + 300); | ||
| }); | ||
| }); | ||
| t.plan(3) | ||
| randomBytes(3, function (err, resp) { | ||
| if (err) throw err | ||
| t.equals(resp.length, 3, 'len: ' + 3) | ||
| }) | ||
| randomBytes(30, function (err, resp) { | ||
| if (err) throw err | ||
| t.equals(resp.length, 30, 'len: ' + 30) | ||
| }) | ||
| randomBytes(300, function (err, resp) { | ||
| if (err) throw err | ||
| t.equals(resp.length, 300, 'len: ' + 300) | ||
| }) | ||
| }) | ||
| if (process.browser) { | ||
| test('requesting to much throws', function (t) { | ||
| t.plan(1); | ||
| t.throws(randomBytes.bind(null, 65537)); | ||
| }); | ||
| t.plan(1) | ||
| t.throws(function () { | ||
| randomBytes(65537) | ||
| }) | ||
| }) | ||
| test('requesting to much throws async', function (t) { | ||
| t.plan(1); | ||
| t.throws(randomBytes.bind(null, 65537, function () { | ||
| t.ok(false, 'should not get here'); | ||
| })); | ||
| }); | ||
| } | ||
| t.plan(1) | ||
| t.throws(function () { | ||
| randomBytes(65537, function () { | ||
| t.ok(false, 'should not get here') | ||
| }) | ||
| }) | ||
| }) | ||
| } |
Fixed alerts
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
3743
37.51%- Number of package files
7
40%- Lines of code
67
17.54%- Number of lines in readme file
15
25%- Number of medium supply chain risk alerts
0
-100%Worsened metrics
- Dev dependency count
5
150%No dependency changes