snrub - npm Package Compare versions

Comparing version 0.0.1 to 0.0.2

index.js

 var listener = require('./lib/listener');
+var scheduler = require('./lib/scheduler');
+var dedup = require('./lib/dedup');
 
@@ -63,1 +65,7 @@ function warn(str) {
 }
+
+// Go with noddy implementations for now.
+exports.createPoller = function() {
+  return new scheduler.TimerScheduler();
+}
+exports.dedup = dedup.create;

lib/listener.js

@@ -146,3 +146,2 @@ // A listener for PuSH notifications, as middleware for connect,
           console.log({post: memo});
-          var sig = req.headers['X-Hub-Signature'];
           // TODO Ought to allow for binary data. Maybe check
@@ -154,4 +153,4 @@ // content-type.
           req.on('end', function() {
-            that.emit('publish', memo['user_data'],
-                      chunks.join(''), sig);
+            that.emit('update', memo['user_data'],
+                      chunks.join(''), req.headers);
             respond(res, 200, "");
@@ -187,3 +186,3 @@ });
   var data = opts.data || topic;
-  var sub = subscription(data, !opts.noAuto, opts.leaseSeconds || 0);
+  var sub = subscription(data, opts.noAuto, opts.leaseSeconds || 0);
   var path = this.paths.create(sub);
@@ -281,5 +280,5 @@ var callbackUrl = this.host + this.prefix + path;
 
-function subscription(userValue, allowAuto, leaseSeconds) {
+function subscription(userValue, noAuto, leaseSeconds) {
   var sub = {'user_data': userValue};
-  if (leaseSeconds && !allowAuto) {
+  if (leaseSeconds && noAuto) {
     sub.expiry = +new Date + (leaseSeconds * 1000);
@@ -286,0 +285,0 @@ }

mockserver.js

@@ -7,6 +7,9 @@ var http = require('http');
 
+var debug = (require.main === module || process.env.DEBUG) ?
+  function(msg) { console.log(msg); } : function() {};
+
 // mock out some path for testing subscriptions etc.
 function handle(req, res) {
   var out = {}; out[req.method] = req.url;
-  console.log(out);
+  debug(out);
   if (req.url == '/subscribeOK' && req.method == 'POST') {
@@ -20,3 +23,3 @@ var chunks = [];
       var params = querystring.parse(chunks.join(''));
-      console.log({subscribe: params});
+      debug({subscribe: params});
       res.statusCode = 202;
@@ -27,4 +30,6 @@ res.end();
   }
-
-
+  else if (req.url == '/subscribe404' && req.method == 'POST') {
+    res.statusCode = 404;
+    res.end();
+  }
   else {
@@ -39,3 +44,3 @@ res.statusCode = 404;
   var reqopts = url.parse(params['hub.callback']);
-  qsobj = {
+  var qsobj = {
     'hub.mode': params['hub.mode'],
@@ -48,6 +53,6 @@ 'hub.topic': params['hub.topic'],
   reqopts.path += ('?' + querystring.stringify(qsobj));
-  console.log({verifying: qsobj});
+  debug({verifying: qsobj});
   http.get(reqopts, function(res) {
     res.on('data', function(d) {
-      console.log({verify_response: {status: res.statusCode, data: d.toString()}});
+      debug({verify_response: {status: res.statusCode, data: d.toString()}});
     });
@@ -57,2 +62,6 @@ });
 
-server.listen(8000);
+exports.server = server;
+
+if (require.main === module) {
+  server.listen(8000);
+}

package.json

@@ -5,3 +5,3 @@ {
   "description": "PuSH (pubsubhubbub) subscriber as Connect middleware",
-  "version": "0.0.1",
+  "version": "0.0.2",
   "repository": {
@@ -14,5 +14,12 @@ "type": "git",
   },
-  "dependencies": {},
-  "devDependencies": {},
+  "scripts": {
+    "test": "make test"
+  },
+  "dependencies": {
+  },
+  "devDependencies": {
+    "mocha": "~0.10",
+    "connect": "~2.3"
+  },
   "optionalDependencies": {}
 }

New alerts

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

32872

increased by96.64%

Number of package files

12

increased by71.43%

Lines of code

860

increased by119.95%

Worsened metrics

Dev dependency count

2

increased byInfinity%

Number of low supply chain risk alerts

1

increased byInfinity%

Number of medium supply chain risk alerts

6

increased by100%

No dependency changes