scene-stealer
Advanced tools
Comparing version 1.0.1 to 1.0.2
{ | ||
"name": "scene-stealer", | ||
"version": "1.0.1", | ||
"version": "1.0.2", | ||
"description": "An HTTP Interface to take a screenshot via puppeteer of a part of a website and send it to you via slack", | ||
@@ -30,11 +30,12 @@ "main": "index.js", | ||
"dependencies": { | ||
"@google-cloud/storage": "^1.5.2", | ||
"body-parser": "^1.18.2", | ||
"express": "^4.16.2", | ||
"lodash": "^4.17.5", | ||
"moment": "^2.20.1", | ||
"performance-now": "^2.1.0", | ||
"puppeteer": "^1.0.0", | ||
"request": "^2.83.0", | ||
"request-promise": "^4.2.2" | ||
"@google-cloud/storage": "1.5.2", | ||
"aigle": "1.11.0", | ||
"body-parser": "1.18.2", | ||
"express": "4.16.2", | ||
"lodash": "4.17.5", | ||
"moment": "2.20.1", | ||
"performance-now": "2.1.0", | ||
"puppeteer": "1.0.0", | ||
"request": "2.83.0", | ||
"request-promise": "4.2.2" | ||
}, | ||
@@ -41,0 +42,0 @@ "devDependencies": { |
@@ -32,2 +32,7 @@ # scene-stealer | ||
## Known issues | ||
- 1.0.0: Didn't consider well addressing reusing puppeteer broweser. So it's very leaky so don't use it. | ||
- 1.0.1: [This part](https://github.com/Rainist/scene-stealer/blob/612ba9b30d805199ea3c18acb59a1976c5ed784d/src/stealer.js#L27) doesn't seem to release the memory of the page so therefore there is a memory leak for several MB every time it steals the scene. | ||
> So WIP to fix this issue | ||
## Contribution | ||
@@ -34,0 +39,0 @@ [any contributions are welcome.](https://github.com/rainist/scene-stealer/issues/new) |
@@ -14,2 +14,3 @@ 'use strict' | ||
scene, | ||
keys, | ||
storage, | ||
@@ -20,3 +21,3 @@ markets | ||
const start = now() | ||
const localImagePath = await steal(scene) | ||
const localImagePath = await steal(scene, keys) | ||
const remoteImageURL = await store(localImagePath, storage) // currently only support gcs | ||
@@ -23,0 +24,0 @@ fs.unlinkSync(localImagePath) |
'use strict' | ||
const puppeteer = require('puppeteer'); | ||
const crypto = require("crypto"); | ||
const puppeteer = require('puppeteer') | ||
const crypto = require('crypto') | ||
const { unlock } = require('./locksmith') | ||
const NO_SANDBOX = !!process.env.NO_SANDBOX | ||
let browser = undefined | ||
let isBrowserReady = false | ||
async function steal({ url, selector, dom_index: domIndex = 0, viewport }) { | ||
const sleep = ms => new Promise(resolve => setTimeout(resolve, ms)) | ||
async function steal({ url, selector, dom_index: domIndex = 0, viewport, wait_ms: waitMS = 100 }, keys = undefined) { | ||
if (!isBrowserReady) { | ||
@@ -16,9 +21,15 @@ throw 'Puppeteer browser is not ready please try again in a bit!' | ||
if (keys) { | ||
await unlock(page, keys) | ||
} | ||
await page.goto(url, {waitUntil: 'networkidle0'}) | ||
await page.setViewport(viewport) | ||
page.setViewport(viewport) | ||
await sleep(waitMS) | ||
const elements = await page.$$(selector) | ||
const ele = elements[domIndex] | ||
const randomFilename = crypto.randomBytes(5).toString('hex'); | ||
const randomFilename = crypto.randomBytes(5).toString('hex') | ||
const path = `${randomFilename}.png` | ||
@@ -35,3 +46,5 @@ | ||
await kill(true) | ||
browser = await puppeteer.launch() | ||
const launchOptions = NO_SANDBOX ? {args: ['--no-sandbox']} : null | ||
browser = await puppeteer.launch(launchOptions) | ||
isBrowserReady = true | ||
@@ -48,3 +61,3 @@ } | ||
await browser.close(); | ||
await browser.close() | ||
isBrowserReady = false | ||
@@ -51,0 +64,0 @@ } |
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
13597
15
394
44
10
7
+ Addedaigle@1.11.0
+ Added@google-cloud/common@0.15.2(transitive)
+ Added@google-cloud/storage@1.5.2(transitive)
+ Addedaigle@1.11.0(transitive)
+ Addedaigle-core@1.0.0(transitive)
+ Addedajv@5.5.2(transitive)
+ Addedbody-parser@1.18.2(transitive)
+ Addedboom@4.3.15.3.3(transitive)
+ Addedbuffer-equal@1.0.1(transitive)
+ Addedbytes@3.0.0(transitive)
+ Addedco@4.6.0(transitive)
+ Addedcontent-disposition@0.5.2(transitive)
+ Addedcookie@0.3.1(transitive)
+ Addedcryptiles@3.2.1(transitive)
+ Addeddepd@1.1.11.1.2(transitive)
+ Addeddestroy@1.0.4(transitive)
+ Addedexpress@4.16.2(transitive)
+ Addedfast-deep-equal@1.1.0(transitive)
+ Addedfinalhandler@1.1.0(transitive)
+ Addedgcp-metadata@0.3.1(transitive)
+ Addedgcs-resumable-upload@0.8.2(transitive)
+ Addedgoogle-auth-library@0.10.00.12.0(transitive)
+ Addedgoogle-auto-auth@0.7.20.8.2(transitive)
+ Addedgoogle-p12-pem@0.1.2(transitive)
+ Addedgtoken@1.2.3(transitive)
+ Addedhar-validator@5.0.3(transitive)
+ Addedhawk@6.0.2(transitive)
+ Addedhoek@4.3.1(transitive)
+ Addedhttp-errors@1.6.21.6.3(transitive)
+ Addediconv-lite@0.4.19(transitive)
+ Addedinherits@2.0.3(transitive)
+ Addedjson-schema-traverse@0.3.1(transitive)
+ Addedlodash@4.17.5(transitive)
+ Addedlodash.merge@4.6.2(transitive)
+ Addedlodash.noop@3.0.1(transitive)
+ Addedlog-driver@1.2.5(transitive)
+ Addedmime@1.4.1(transitive)
+ Addedmoment@2.20.1(transitive)
+ Addednode-forge@0.7.6(transitive)
+ Addedoauth-sign@0.8.2(transitive)
+ Addedon-finished@2.3.0(transitive)
+ Addedpunycode@1.4.1(transitive)
+ Addedpuppeteer@1.0.0(transitive)
+ Addedqs@6.5.1(transitive)
+ Addedraw-body@2.3.2(transitive)
+ Addedrequest@2.83.0(transitive)
+ Addedrequest-promise@4.2.2(transitive)
+ Addedrequest-promise-core@1.1.1(transitive)
+ Addedsafe-buffer@5.1.1(transitive)
+ Addedsend@0.16.1(transitive)
+ Addedserve-static@1.13.1(transitive)
+ Addedsetprototypeof@1.0.31.1.0(transitive)
+ Addedsntp@2.1.0(transitive)
+ Addedstatuses@1.3.11.5.0(transitive)
+ Addedstringstream@0.0.6(transitive)
+ Addedtough-cookie@2.3.4(transitive)
+ Addedultron@1.1.1(transitive)
+ Addedws@3.3.3(transitive)
- Removed@google-cloud/common@0.17.0(transitive)
- Removed@google-cloud/storage@1.7.0(transitive)
- Removedabort-controller@3.0.0(transitive)
- Removedajv@6.12.6(transitive)
- Removedaxios@0.18.1(transitive)
- Removedbody-parser@1.20.2(transitive)
- Removedbytes@3.1.2(transitive)
- Removedcall-bind@1.0.7(transitive)
- Removedcompressible@2.0.18(transitive)
- Removedcontent-disposition@0.5.4(transitive)
- Removedcookie@0.6.0(transitive)
- Removeddebug@4.3.4(transitive)
- Removeddefine-data-property@1.1.4(transitive)
- Removeddepd@2.0.0(transitive)
- Removeddestroy@1.2.0(transitive)
- Removedes-define-property@1.0.0(transitive)
- Removedes-errors@1.3.0(transitive)
- Removedevent-target-shim@5.0.1(transitive)
- Removedexpress@4.19.2(transitive)
- Removedfast-deep-equal@3.1.3(transitive)
- Removedfinalhandler@1.2.0(transitive)
- Removedfollow-redirects@1.5.10(transitive)
- Removedfunction-bind@1.1.2(transitive)
- Removedgaxios@1.8.4(transitive)
- Removedgcp-metadata@0.6.3(transitive)
- Removedgcs-resumable-upload@0.10.2(transitive)
- Removedget-intrinsic@1.2.4(transitive)
- Removedgoogle-auth-library@1.6.1(transitive)
- Removedgoogle-auto-auth@0.10.1(transitive)
- Removedgoogle-p12-pem@1.0.5(transitive)
- Removedgopd@1.0.1(transitive)
- Removedgtoken@2.3.3(transitive)
- Removedhar-validator@5.1.5(transitive)
- Removedhas-property-descriptors@1.0.2(transitive)
- Removedhas-proto@1.0.3(transitive)
- Removedhas-symbols@1.0.3(transitive)
- Removedhasown@2.0.2(transitive)
- Removedhttp-errors@2.0.0(transitive)
- Removediconv-lite@0.4.24(transitive)
- Removedis-buffer@2.0.5(transitive)
- Removedjson-schema-traverse@0.4.1(transitive)
- Removedlog-driver@1.2.7(transitive)
- Removedlru-cache@4.1.5(transitive)
- Removedmime@2.6.0(transitive)
- Removedmoment@2.30.1(transitive)
- Removedms@2.1.2(transitive)
- Removednode-fetch@2.7.0(transitive)
- Removednode-forge@0.10.0(transitive)
- Removedoauth-sign@0.9.0(transitive)
- Removedobject-inspect@1.13.1(transitive)
- Removedon-finished@2.4.1(transitive)
- Removedpify@4.0.1(transitive)
- Removedpseudomap@1.0.2(transitive)
- Removedpsl@1.9.0(transitive)
- Removedpunycode@2.3.1(transitive)
- Removedpuppeteer@1.20.0(transitive)
- Removedqs@6.11.06.5.3(transitive)
- Removedraw-body@2.5.2(transitive)
- Removedrequest@2.88.2(transitive)
- Removedrequest-promise@4.2.6(transitive)
- Removedrequest-promise-core@1.1.4(transitive)
- Removedretry-axios@0.3.2(transitive)
- Removedsend@0.18.0(transitive)
- Removedserve-static@1.15.0(transitive)
- Removedset-function-length@1.2.2(transitive)
- Removedsetprototypeof@1.2.0(transitive)
- Removedside-channel@1.0.6(transitive)
- Removedstatuses@2.0.1(transitive)
- Removedtoidentifier@1.0.1(transitive)
- Removedtough-cookie@2.5.0(transitive)
- Removedtr46@0.0.3(transitive)
- Removeduri-js@4.4.1(transitive)
- Removedwebidl-conversions@3.0.1(transitive)
- Removedwhatwg-url@5.0.0(transitive)
- Removedws@6.2.2(transitive)
- Removedyallist@2.1.2(transitive)
Updated@google-cloud/storage@1.5.2
Updatedbody-parser@1.18.2
Updatedexpress@4.16.2
Updatedlodash@4.17.5
Updatedmoment@2.20.1
Updatedperformance-now@2.1.0
Updatedpuppeteer@1.0.0
Updatedrequest@2.83.0
Updatedrequest-promise@4.2.2