New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
scalper - npm Package Compare versions
Comparing version 0.0.1-alpha to 0.0.1
@@ -5,3 +5,3 @@ { | ||
| "author": "Joe Wagner", | ||
| "version": "0.0.1-alpha", | ||
| "version": "0.0.1", | ||
| "scripts": { | ||
@@ -11,2 +11,5 @@ "test": "NODE_ENV=test mocha" | ||
| "main": "index.js", | ||
| "dependencies": { | ||
| "node-uuid": "~1.4.1" | ||
| }, | ||
| "devDependencies": { | ||
@@ -13,0 +16,0 @@ "mocha": "~1.12.0", |
| scalper | ||
| ======= | ||
| A socket.io authentication ticket store designed to allow an application to use an express app to do auth for a socket.io app | ||
| A ticket store designed to allow an application to use an express app to do auth for a socket.io app | ||
| Setup | ||
| ===== | ||
| See `example/passport-auth/` for basic usage with express 4, passport, and socket.io. Notice the socket.io server and the express server are completely separated. They could potentially be hosted on separate domains without issue. | ||
| Worth noting that the example uses http for simplicity, but its recommended to use https. | ||
| Motivation | ||
| ========== | ||
| There are many advantages for token based authentication when using websockets. | ||
| Heroku docs have a [nice article](https://devcenter.heroku.com/articles/websocket-security) outlining some of the details of securing websockets. | ||
| [authO.com](https://auth0.com/blog/2014/01/15/auth-with-socket-io/) has a blog post that also goes over the details of token based auth with socket.io |
New alerts
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
Network access
Supply chain riskThis module accesses the network.
Found 1 instance in 1 package
Fixed alerts
Empty package
Supply chain riskPackage does not contain any code. It may be removed, is name squatting, or the result of a faulty package publish.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by542.11%
10903
- Number of package files
- increased by366.67%
14
- Lines of code
- increased byInfinity%
208
- Number of lines in readme file
- increased by260%
18
Worsened metrics
- Dependency count
- increased byInfinity%
1
- Number of medium supply chain risk alerts
- increased by200%
3
Dependency changes
+ Addednode-uuid@~1.4.1
+ Addednode-uuid@1.4.8(transitive)