router - npm Package Compare versions

Comparing version 2.0.0-beta.1 to 2.0.0-beta.2

HISTORY.md

@@ -0,1 +1,8 @@
+2.0.0-beta.2 / 2024-03-20
+=========================
+
+This incorporates all changes after 1.3.5 up to 1.3.8.
+
+  * Add support for returned, rejected Promises to `router.param`
+
 2.0.0-beta.1 / 2020-03-29
@@ -11,3 +18,3 @@ =========================
   * deps: path-to-regexp@3.2.0
-    - Add new `?`, `*`, and `+` parameter modifiers
+    - Add new `?`, `*`, and `+` parameter modifiers.
     - Matching group expressions are only RegExp syntax.
@@ -17,5 +24,7 @@ `(*)` is no longer valid and must be written as `(.*)`, for example.
       `/:foo(.*)` only captures as `req.params.foo` and not available as
-      `req.parmas[0]`.
+      `req.params[0]`.
     - Regular expressions can only be used in a matching group.
       `/\\d+` is no longer valid and must be written as `/(\\d+)`.
+    - Matching groups are now literal regular expressions.
+      `:foo` named captures can no longer be included inside a capture group.
     - Special `*` path segment behavior removed.
@@ -38,2 +47,18 @@ `/foo/*/bar` will match a literal `*` as the middle segment.
 
+1.3.8 / 2023-02-24
+==================
+
+  * Fix routing requests without method
+
+1.3.7 / 2022-04-28
+==================
+
+  * Fix hanging on large stack of sync routes
+
+1.3.6 / 2021-11-15
+==================
+
+  * Fix handling very large stacks of sync middleware
+  * deps: safe-buffer@5.2.1
+
 1.3.5 / 2020-03-24
@@ -40,0 +65,0 @@ ==================

index.js

 /*!
  * router
  * Copyright(c) 2013 Roman Shtylman
- * Copyright(c) 2014 Douglas Christopher Wilson
+ * Copyright(c) 2014-2022 Douglas Christopher Wilson
  * MIT Licensed
@@ -16,2 +16,3 @@ */
 var flatten = require('array-flatten').flatten
+var isPromise = require('is-promise')
 var Layer = require('./lib/layer')
@@ -159,2 +160,3 @@ var methods = require('methods')
   var slashAdded = false
+  var sync = 0
   var paramcalled = {}
@@ -192,3 +194,3 @@
     if (slashAdded) {
-      req.url = req.url.substr(1)
+      req.url = req.url.slice(1)
       slashAdded = false
@@ -200,3 +202,3 @@ }
       req.baseUrl = parentUrl
-      req.url = protohost + removed + req.url.substr(protohost.length)
+      req.url = protohost + removed + req.url.slice(protohost.length)
       removed = ''
@@ -217,2 +219,7 @@ }
 
+    // max sync stack
+    if (++sync > 100) {
+      return setImmediate(next, err)
+    }
+
     // get pathname of request
@@ -289,10 +296,10 @@ var path = getPathname(req)
       if (err) {
-        return next(layerError || err)
+        next(layerError || err)
+      } else if (route) {
+        layer.handleRequest(req, res, next)
+      } else {
+        trimPrefix(layer, layerError, layerPath, path)
       }
 
-      if (route) {
-        return layer.handleRequest(req, res, next)
-      }
-
-      trimPrefix(layer, layerError, layerPath, path)
+      sync = 0
     })
@@ -304,3 +311,3 @@ }
       // Validate path is a prefix match
-      if (layerPath !== path.substr(0, layerPath.length)) {
+      if (layerPath !== path.substring(0, layerPath.length)) {
         next(layerError)
@@ -320,3 +327,3 @@ return
       removed = layerPath
-      req.url = protohost + req.url.substr(protohost.length + removed.length)
+      req.url = protohost + req.url.slice(protohost.length + removed.length)
 
@@ -496,6 +503,6 @@ // Ensure leading slash
     : url.length
-  var fqdnIndex = url.substr(0, pathLength).indexOf('://')
+  var fqdnIndex = url.substring(0, pathLength).indexOf('://')
 
   return fqdnIndex !== -1
-    ? url.substr(0, url.indexOf('/', 3 + fqdnIndex))
+    ? url.substring(0, url.indexOf('/', 3 + fqdnIndex))
     : undefined
@@ -646,3 +653,8 @@ }
     try {
-      fn(req, res, paramCallback, paramVal, key.name)
+      var ret = fn(req, res, paramCallback, paramVal, key.name)
+      if (isPromise(ret)) {
+        ret.then(null, function (error) {
+          paramCallback(error || new Error('Rejected promise'))
+        })
+      }
     } catch (e) {
@@ -649,0 +661,0 @@ paramCallback(e)

lib/layer.js

 /*!
  * router
  * Copyright(c) 2013 Roman Shtylman
- * Copyright(c) 2014 Douglas Christopher Wilson
+ * Copyright(c) 2014-2022 Douglas Christopher Wilson
  * MIT Licensed
@@ -15,2 +15,3 @@ */
 
+var isPromise = require('is-promise')
 var pathRegexp = require('path-to-regexp')
@@ -192,16 +193,2 @@
 /**
- * Returns true if the val is a Promise.
- *
- * @param {*} val
- * @return {boolean}
- * @private
- */
-
-function isPromise (val) {
-  return val &&
-    typeof val === 'object' &&
-    typeof val.then === 'function'
-}
-
-/**
  * Loosens the given path for path-to-regexp matching.
@@ -208,0 +195,0 @@ */

lib/route.js

 /*!
  * router
  * Copyright(c) 2013 Roman Shtylman
- * Copyright(c) 2014 Douglas Christopher Wilson
+ * Copyright(c) 2014-2022 Douglas Christopher Wilson
  * MIT Licensed
@@ -26,2 +26,7 @@ */
 
+/* istanbul ignore next */
+var defer = typeof setImmediate === 'function'
+  ? setImmediate
+  : function (fn) { process.nextTick(fn.bind.apply(fn, arguments)) }
+
 /**
@@ -58,3 +63,5 @@ * Expose `Route`.
   // normalize name
-  var name = method.toLowerCase()
+  var name = typeof method === 'string'
+    ? method.toLowerCase()
+    : method
 
@@ -98,2 +105,4 @@ if (name === 'head' && !this.methods.head) {
   var stack = this.stack
+  var sync = 0
+
   if (stack.length === 0) {
@@ -103,3 +112,6 @@ return done()
 
-  var method = req.method.toLowerCase()
+  var method = typeof req.method === 'string'
+    ? req.method.toLowerCase()
+    : req.method
+
   if (method === 'head' && !this.methods.head) {
@@ -129,2 +141,7 @@ method = 'get'
 
+    // max sync stack
+    if (++sync > 100) {
+      return defer(next, err)
+    }
+
     var layer
@@ -149,2 +166,4 @@ var match
     }
+
+    sync = 0
   }
@@ -151,0 +170,0 @@ }

package.json

 {
   "name": "router",
   "description": "Simple middleware-style router",
-  "version": "2.0.0-beta.1",
+  "version": "2.0.0-beta.2",
   "author": "Douglas Christopher Wilson <doug@somethingdoug.com>",
@@ -13,2 +13,3 @@ "contributors": [
     "array-flatten": "3.0.0",
+    "is-promise": "4.0.0",
     "methods": "~1.1.2",
@@ -22,14 +23,14 @@ "parseurl": "~1.3.3",
     "after": "0.8.2",
-    "eslint": "6.8.0",
+    "eslint": "8.34.0",
     "eslint-config-standard": "14.1.1",
-    "eslint-plugin-import": "2.20.1",
-    "eslint-plugin-markdown": "1.0.2",
-    "eslint-plugin-node": "11.0.0",
-    "eslint-plugin-promise": "4.2.1",
-    "eslint-plugin-standard": "4.0.1",
-    "finalhandler": "1.1.2",
-    "mocha": "7.1.1",
-    "nyc": "15.0.0",
-    "safe-buffer": "5.2.0",
-    "supertest": "4.0.2"
+    "eslint-plugin-import": "2.26.0",
+    "eslint-plugin-markdown": "3.0.0",
+    "eslint-plugin-node": "11.1.0",
+    "eslint-plugin-promise": "5.2.0",
+    "eslint-plugin-standard": "4.1.0",
+    "finalhandler": "1.2.0",
+    "mocha": "10.2.0",
+    "nyc": "15.1.0",
+    "safe-buffer": "5.2.1",
+    "supertest": "6.3.3"
   },
@@ -41,2 +42,3 @@ "files": [
     "README.md",
+    "SECURITY.md",
     "index.js"
@@ -48,8 +50,8 @@ ],
   "scripts": {
-    "lint": "eslint --plugin markdown --ext js,md .",
+    "lint": "eslint .",
     "test": "mocha --reporter spec --bail --check-leaks test/",
+    "test-ci": "nyc --reporter=lcov --reporter=text npm test",
     "test-cov": "nyc --reporter=text npm test",
-    "test-travis": "nyc --reporter=html --reporter=text npm test",
     "version": "node scripts/version-history.js && git add HISTORY.md"
   }
 }

README.md

@@ -6,3 +6,3 @@ # router
 [![Node.js Version][node-version-image]][node-version-url]
-[![Build Status][travis-image]][travis-url]
+[![Build Status][ci-image]][ci-url]
 [![Test Coverage][coveralls-image]][coveralls-url]
@@ -119,2 +119,7 @@
 
+The function can optionally return a `Promise` object. If a `Promise` object
+is returned from the function, the router will attach an `onRejected` callback
+using `.then`. If the promise is rejected, `next` will be called with the
+rejected value, or an error if the value is falsy.
+
 Parameter mapping is used to provide pre-conditions to routes
@@ -404,2 +409,4 @@ which use normalized placeholders. For example a _:user_id_ parameter
 
+[ci-image]: https://badgen.net/github/checks/pillarjs/router/master?label=ci
+[ci-url]: https://github.com/pillarjs/router/actions/workflows/ci.yml
 [npm-image]: https://img.shields.io/npm/v/router.svg
@@ -409,4 +416,2 @@ [npm-url]: https://npmjs.org/package/router
 [node-version-url]: http://nodejs.org/download/
-[travis-image]: https://img.shields.io/travis/pillarjs/router/master.svg
-[travis-url]: https://travis-ci.org/pillarjs/router
 [coveralls-image]: https://img.shields.io/coveralls/pillarjs/router/master.svg
@@ -413,0 +418,0 @@ [coveralls-url]: https://coveralls.io/r/pillarjs/router?branch=master

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

45395

increased by6.17%

Number of package files

8

increased by14.29%

Lines of code

955

increased by1.6%

Number of lines in readme file

417

increased by1.21%

Worsened metrics

Dependency count

7

increased by16.67%

Number of medium supply chain risk alerts

1

increased byInfinity%

Dependency changes

• + Addedis-promise@4.0.0

• + Addedis-promise@4.0.0(transitive)