router - npm Package Compare versions

Comparing version 0.4.2 to 0.4.3

index.js

@@ -7,2 +7,12 @@ var http = require('http');
 
+var bufferify = function(param) {
+	if (Buffer.isBuffer(param)) {
+		return param;
+	}
+	if (param.indexOf('\n') > -1) {
+		return new Buffer(param);
+	}
+	return require('fs').readFileSync(param);
+};
+
 var createRouter = function(options) {
@@ -23,3 +33,3 @@ var that = common.createEmitter();
 	var methods = {upgrade:[], get:[], put:[], post:[], head:[], 'delete':[], options:[]};	
-	var server = options.server || (options.key ? https.createServer({key:options.key,cert:options.cert}) : http.createServer());
+	var server = options.server || (options.key ? https.createServer({key:bufferify(options.key),cert:bufferify(options.cert)}) : http.createServer());
 	
@@ -26,0 +36,0 @@ that.autoclose = options.autoclose !== false;

package.json

 {
  "name":"router",
- "version":"0.4.2",
+ "version":"0.4.3",
  "description":"A lean and mean web router",
@@ -5,0 +5,0 @@ "contributors": [

New alerts

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Fixed alerts

Non-existent author

Supply chain risk

The package was published by an npm account that no longer exists.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

7220

increased by3.1%

Lines of code

157

increased by6.08%

Number of high supply chain risk alerts

0

decreased by-100%

Worsened metrics

Number of low supply chain risk alerts

2

increased by100%

Number of medium supply chain risk alerts

3

increased by50%

No dependency changes