rss-parser - npm Package Compare versions

Comparing version 3.7.6 to 3.8.0

index.d.ts

 import { Options } from 'xml2js';
+import { RequestOptions } from 'https';
 
@@ -18,2 +19,3 @@ declare namespace Parser {
     readonly xml2js?: Options;
+    readonly requestOptions?: RequestOptions;
     readonly headers?: Headers;
@@ -20,0 +22,0 @@ readonly defaultRSS?: number;

lib/parser.js

@@ -24,2 +24,3 @@ "use strict";
     options.customFields.feed = options.customFields.feed || [];
+    options.requestOptions = options.requestOptions || {};
     if (!options.maxRedirects) options.maxRedirects = DEFAULT_MAX_REDIRECTS;
@@ -78,10 +79,4 @@ if (!options.timeout) options.timeout = DEFAULT_TIMEOUT;
     let prom = new Promise((resolve, reject) => {
-      let req = get({
-        headers,
-        auth: urlParts.auth,
-        protocol: urlParts.protocol,
-        hostname: urlParts.hostname,
-        port: urlParts.port,
-        path: urlParts.path,
-      }, (res) => {
+      const requestOpts = Object.assign({headers}, urlParts, this.options.requestOptions);
+      let req = get(requestOpts, (res) => {
         if (this.options.maxRedirects && res.statusCode >= 300 && res.statusCode < 400 && res.headers['location']) {
@@ -88,0 +83,0 @@ if (redirectCount === this.options.maxRedirects) {

package.json

 {
   "name": "rss-parser",
-  "version": "3.7.6",
+  "version": "3.8.0",
   "main": "index.js",
@@ -5,0 +5,0 @@ "types": "index.d.ts",

README.md

@@ -207,3 +207,16 @@ # rss-parser
 
+### Request passthrough
+`rss-parser` uses [http](https://nodejs.org/docs/latest/api/http.html#http_http_get_url_options_callback)/[https](https://nodejs.org/docs/latest/api/https.html#https_https_get_url_options_callback) module
+to do requests. You can pass [these options](https://nodejs.org/docs/latest/api/https.html#https_https_request_options_callback)
+to `http.get()`/`https.get()` by specifying `options.requestOptions`:
 
+e.g. to allow unauthorized certificate
+```js
+let parser = new Parser({
+  requestOptions: {
+    rejectUnauthorized: false
+  }
+});
+```
+
 ## Contributing
@@ -210,0 +223,0 @@ Contributions are welcome! If you are adding a feature or fixing a bug, please be sure to add a [test case](https://github.com/bobby-brennan/rss-parser/tree/master/test/input)

New alerts

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Fixed alerts

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 2 instances in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Improved metrics

Number of lines in readme file

243

increased by5.65%

Number of low supply chain risk alerts

5

decreased by-54.55%

Worsened metrics

Total package byte prevSize

3185737

decreased by-55.68%

Number of package files

17

decreased by-76.06%

Lines of code

31640

decreased by-23.08%

No dependency changes