server - npm Package Compare versions
Comparing version 1.0.0-beta.3 to 1.0.0-beta.4
| { | ||
| "name": "server", | ||
| "version": "1.0.0-beta.3", | ||
| "version": "1.0.0-beta.4", | ||
| "description": "A modern and powerful server for Node.js", | ||
@@ -42,2 +42,3 @@ "main": "server.js", | ||
| "hbs": "^4.0.1", | ||
| "helmet": "^3.9.0", | ||
| "loadware": "^2.0.0", | ||
@@ -64,3 +65,3 @@ "log": "^1.4.0", | ||
| "grunt-contrib-watch": "^1.0.0", | ||
| "jest": "^20.0.0", | ||
| "jest": "^21.2.1", | ||
| "jstransformer-marked": "^1.0.2", | ||
@@ -67,0 +68,0 @@ "picnic": "^6.4.0", |
| const modern = require('../../src/modern'); | ||
| const csurf = require('csurf'); | ||
| const helmet = require('helmet'); | ||
@@ -8,8 +9,45 @@ module.exports = { | ||
| csrf: { | ||
| env: 'SECURITY_CSRF', | ||
| default: {}, | ||
| type: Object | ||
| }, | ||
| contentSecurityPolicy: { | ||
| env: 'SECURITY_CONTENTSECURITYPOLICY' | ||
| }, | ||
| expectCt: { | ||
| env: 'SECURITY_EXPECTCT' | ||
| }, | ||
| dnsPrefetchControl: { | ||
| env: 'SECURITY_DNSPREFETCHCONTROL' | ||
| }, | ||
| frameguard: { | ||
| env: 'SECURITY_FRAMEGUARD' | ||
| }, | ||
| hidePoweredBy: { | ||
| env: 'SECURITY_HIDEPOWEREDBY' | ||
| }, | ||
| hpkp: { | ||
| env: 'SECURITY_HPKP' | ||
| }, | ||
| hsts: { | ||
| env: 'SECURITY_HSTS' | ||
| }, | ||
| ieNoOpen: { | ||
| env: 'SECURITY_IENOOPEN' | ||
| }, | ||
| noCache: { | ||
| env: 'SECURITY_NOCACHE' | ||
| }, | ||
| noSniff: { | ||
| env: 'SECURITY_NOSNIFF' | ||
| }, | ||
| referrerPolicy: { | ||
| env: 'SECURITY_REFERRERPOLICY' | ||
| }, | ||
| xssFilter: { | ||
| env: 'SECURITY_XSSFILTER' | ||
| } | ||
| }, | ||
| before: [ | ||
| ctx => modern(csurf(ctx.options.security.csrf))(ctx), | ||
| ctx => ctx.options.security.csrf ? modern(csurf(ctx.options.security.csrf))(ctx) : false, | ||
| ctx => { | ||
@@ -19,4 +57,5 @@ // Set the csrf for render(): https://expressjs.com/en/api.html#res.locals | ||
| ctx.res.locals.csrf = ctx.csrf; | ||
| } | ||
| }, | ||
| ctx => modern(helmet(ctx.options.security))(ctx) | ||
| ] | ||
| }; |
@@ -142,3 +142,6 @@ // parse.js | ||
| } | ||
| options[name] = value; | ||
| if (typeof value !== 'undefined') { | ||
| options[name] = value; | ||
| } | ||
| } | ||
@@ -145,0 +148,0 @@ |
@@ -5,3 +5,2 @@ const schema = require('./schema'); | ||
| const config = require('./index'); | ||
| //const defaults = require('./defaults'); | ||
@@ -41,3 +40,3 @@ describe('options', () => { | ||
| const opts = config({ secret: 'your-random-string-here' }); | ||
| await expect(opts).rejects.toMatchObject({ code: '/server/options/noarg' }); | ||
| await expect(opts).rejects.toHaveProperty('code', '/server/options/noarg'); | ||
| }); | ||
@@ -94,6 +93,6 @@ }); | ||
| const pub = parse(schema, { public: 25 }); | ||
| await expect(pub).rejects.toMatchObject({ code: '/server/options/type' }); | ||
| await expect(pub).rejects.toHaveProperty('code', '/server/options/type'); | ||
| const port = parse(schema, { port: '25' }); | ||
| await expect(port).rejects.toMatchObject({ code: '/server/options/type' }); | ||
| await expect(port).rejects.toHaveProperty('code', '/server/options/type'); | ||
| }); | ||
@@ -109,3 +108,3 @@ | ||
| const env = parse(schema, {}, { NODE_ENV: 'abc' }); | ||
| await expect(env).rejects.toMatchObject({ code: '/server/options/enum' }); | ||
| await expect(env).rejects.toHaveProperty('code', '/server/options/enum'); | ||
| }); | ||
@@ -115,3 +114,3 @@ | ||
| const env = parse({}, 'hello'); | ||
| await expect(env).rejects.toMatchObject({ code: '/server/options/notobject' }); | ||
| await expect(env).rejects.toHaveProperty('code', '/server/options/notobject'); | ||
| }); | ||
@@ -121,3 +120,3 @@ | ||
| const arg = parse(schema, { env: 'abc' }); | ||
| await expect(arg).rejects.toMatchObject({ code: '/server/options/noarg' }); | ||
| await expect(arg).rejects.toHaveProperty('code', '/server/options/noarg'); | ||
| }); | ||
@@ -127,3 +126,3 @@ | ||
| const env = parse({ public: { env: false }}, {}, { PUBLIC: 'hello' }); | ||
| await expect(env).rejects.toMatchObject({ code: '/server/options/noenv' }); | ||
| await expect(env).rejects.toHaveProperty('code', '/server/options/noenv'); | ||
| }); | ||
@@ -133,3 +132,3 @@ | ||
| const env = parse({ public: { required: true } }); | ||
| await expect(env).rejects.toMatchObject({ code: '/server/options/required' }); | ||
| await expect(env).rejects.toHaveProperty('code', '/server/options/required'); | ||
| }); | ||
@@ -144,3 +143,3 @@ | ||
| const env = parse({ public: { validate } }, {}, { PUBLIC: 'hello' }); | ||
| await expect(env).rejects.toMatchObject({ code: '/server/options/fakeerror' }); | ||
| await expect(env).rejects.toHaveProperty('code', '/server/options/fakeerror'); | ||
| }); | ||
@@ -155,3 +154,3 @@ | ||
| const env = parse({ public: { validate: () => false } }); | ||
| await expect(env).rejects.toMatchObject({ code: '/server/options/validate' }); | ||
| await expect(env).rejects.toHaveProperty('code', '/server/options/validate'); | ||
| }); | ||
@@ -161,4 +160,4 @@ | ||
| const env = parse({ public: { validate: () => false } }); | ||
| await expect(env).rejects.toMatchObject({ code: '/server/options/validate' }); | ||
| await expect(env).rejects.toHaveProperty('code', '/server/options/validate'); | ||
| }); | ||
| }); |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is too big to display
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by0.26%
2102066
- Lines of code
- increased by1.32%
3308
Worsened metrics
- Dependency count
- increased by4.76%
22
Dependency changes
+ Addedhelmet@^3.9.0
+ Addedbowser@2.9.0(transitive)
+ Addedcamelize@1.0.0(transitive)
+ Addedcontent-security-policy-builder@2.1.0(transitive)
+ Addeddasherize@2.0.0(transitive)
+ Addeddont-sniff-mimetype@1.1.0(transitive)
+ Addedfeature-policy@0.3.0(transitive)
+ Addedhelmet@3.23.3(transitive)
+ Addedhelmet-crossdomain@0.4.0(transitive)
+ Addedhelmet-csp@2.10.0(transitive)
+ Addedhide-powered-by@1.1.0(transitive)
+ Addedhpkp@2.0.0(transitive)
+ Addedhsts@2.2.0(transitive)
+ Addednocache@2.1.0(transitive)
+ Addedreferrer-policy@1.2.0(transitive)
+ Addedx-xss-protection@1.3.0(transitive)