saml2-js - npm Package Compare versions

Comparing version 0.2.4 to 0.2.7

lib-js/saml2.js

 // Generated by CoffeeScript 1.7.1
-var IdentityProvider, ServiceProvider, XMLNS, async, certificate_to_keyinfo, check_saml_signature, check_status_success, create_authn_request, create_logout_request, create_metadata, crypto, decrypt_assertion, format_pem, get_name_id, get_session_index, parseString, parse_assertion_attributes, parse_authn_response, parse_response_header, pretty_assertion_attributes, sign_get_request, to_error, url, util, xmlbuilder, xmlcrypto, xmldom, xmlenc, zlib, _,
+var IdentityProvider, ServiceProvider, XMLNS, async, certificate_to_keyinfo, check_saml_signature, check_status_success, create_authn_request, create_logout_request, create_metadata, crypto, debug, decrypt_assertion, format_pem, get_name_id, get_session_index, parseString, parse_assertion_attributes, parse_authn_response, parse_response_header, pretty_assertion_attributes, sign_get_request, to_error, url, util, xmlbuilder, xmlcrypto, xmldom, xmlenc, zlib, _,
   __slice = [].slice,
@@ -12,2 +12,4 @@ __bind = function(fn, me){ return function(){ return fn.apply(me, arguments); }; };
 
+debug = require('debug')('saml2');
+
 parseString = require('xml2js').parseString;
@@ -363,2 +365,3 @@
     }, function(result, cb_wf) {
+      debug(result);
       decrypted_assertion = (new xmldom.DOMParser()).parseFromString(result);
@@ -436,2 +439,3 @@ if (!_.some(idp_certificates, function(cert) {
       }, function(response_buffer, cb_wf) {
+        debug(saml_response);
         saml_response = (new xmldom.DOMParser()).parseFromString(response_buffer.toString());
@@ -438,0 +442,0 @@ return async.lift(parse_response_header)(saml_response, cb_wf);

package.json

 {
   "name": "saml2-js",
-  "version": "0.2.4",
+  "version": "0.2.7",
   "description": "SAML 2.0 node helpers",
@@ -31,11 +31,12 @@ "author": "Clever",
   "dependencies": {
+    "async": "~0.2.10",
+    "async-ext": "~0.1.4",
+    "debug": "^1.0.4",
     "underscore": "~1.6.0",
+    "xml-crypto": "0.0.22",
+    "xml-encryption": "~0.6.0",
     "xml2js": "~0.4.1",
     "xmlbuilder": "~2.1.0",
-    "xml-crypto": "0.0.22",
-    "xmldom": "~0.1.19",
-    "xml-encryption": "~0.6.0",
-    "async": "~0.2.10",
-    "async-ext": "~0.1.4"
+    "xmldom": "~0.1.19"
   }
 }

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Network access

Supply chain risk

This module accesses the network.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

No License Found

License

(Experimental) License information could not be found.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

83071

increased by34.01%

Number of package files

29

increased by38.1%

Number of low license alerts

0

decreased by-100%

Lines of code

528

increased by11.16%

Worsened metrics

Dependency count

9

increased by12.5%

Number of low supply chain risk alerts

4

increased by33.33%

Number of medium supply chain risk alerts

2

increased byInfinity%

Dependency changes

• + Addeddebug@^1.0.4

• + Addeddebug@1.0.5(transitive)

• + Addedms@2.0.0(transitive)