sockjs-client - npm Package Compare versions

Comparing version 1.1.1 to 1.1.2

Changelog.md

@@ -0,1 +1,14 @@
+1.1.2
+==
+
+ * Ensure both sender and receiver are cleaned upon close - #342
+ * Remove event listeners before calling `close` - #344
+ * Update documentation links - #351, #339, #316
+ * Explicitly export `undefined` when `WebSocket` does not exist. Fixes Webpack. #321
+ * Include `dist` folder on npm - #265
+ * Simplify build setup
+ * Update to Node.js 6.9
+ * Add sourcemap for minified version
+ * Remove unused String.trim shim
+
 1.1.1
@@ -2,0 +15,0 @@ ==

lib/shims.js

@@ -437,23 +437,2 @@ /* eslint-disable */
 
-// ES5 15.5.4.20
-// whitespace from: http://es5.github.io/#x15.5.4.20
-var ws = '\x09\x0A\x0B\x0C\x0D\x20\xA0\u1680\u180E\u2000\u2001\u2002\u2003' +
-    '\u2004\u2005\u2006\u2007\u2008\u2009\u200A\u202F\u205F\u3000\u2028' +
-    '\u2029\uFEFF';
-var zeroWidth = '\u200b';
-var wsRegexChars = '[' + ws + ']';
-var trimBeginRegexp = new RegExp('^' + wsRegexChars + wsRegexChars + '*');
-var trimEndRegexp = new RegExp(wsRegexChars + wsRegexChars + '*$');
-var hasTrimWhitespaceBug = StringPrototype.trim && (ws.trim() || !zeroWidth.trim());
-defineProperties(StringPrototype, {
-    // http://blog.stevenlevithan.com/archives/faster-trim-javascript
-    // http://perfectionkills.com/whitespace-deviations/
-    trim: function trim() {
-        if (this === void 0 || this === null) {
-            throw new TypeError("can't convert " + this + ' to object');
-        }
-        return String(this).replace(trimBeginRegexp, '').replace(trimEndRegexp, '');
-    }
-}, hasTrimWhitespaceBug);
-
 // ECMA-262, 3rd B.2.3
@@ -460,0 +439,0 @@ // Not an ECMAScript standard, although ECMAScript 3rd Edition has a

lib/transport/browser/websocket.js

@@ -8,2 +8,4 @@ 'use strict';
 	};
+} else {
+	module.exports = undefined;
 }

lib/transport/lib/buffered-sender.js

@@ -64,3 +64,3 @@ 'use strict';
         self.emit('close', err.code || 1006, 'Sending error: ' + err);
-        self._cleanup();
+        self.close();
       } else {
@@ -79,4 +79,4 @@ self.sendScheduleWait();
 
-BufferedSender.prototype.stop = function() {
-  debug('stop');
+BufferedSender.prototype.close = function() {
+  debug('close');
   this._cleanup();
@@ -83,0 +83,0 @@ if (this.sendStop) {

lib/transport/lib/sender-receiver.js

@@ -36,2 +36,3 @@ 'use strict';
 SenderReceiver.prototype.close = function() {
+  BufferedSender.prototype.close.call(this);
   debug('close');
@@ -43,5 +44,4 @@ this.removeAllListeners();
   }
-  this.stop();
 };
 
 module.exports = SenderReceiver;

lib/transport/websocket.js

@@ -69,6 +69,7 @@ 'use strict';
   debug('close');
-  if (this.ws) {
-    this.ws.close();
+  var ws = this.ws;
+  this._cleanup();
+  if (ws) {
+    ws.close();
   }
-  this._cleanup();
 };
@@ -75,0 +76,0 @@

lib/utils/escape.js

@@ -7,2 +7,3 @@ 'use strict';
 // something else on the wire.
+// eslint-disable-next-line no-control-regex
 var extraEscapable = /[\x00-\x1f\ud800-\udfff\ufffe\uffff\u0300-\u0333\u033d-\u0346\u034a-\u034c\u0350-\u0352\u0357-\u0358\u035c-\u0362\u0374\u037e\u0387\u0591-\u05af\u05c4\u0610-\u0617\u0653-\u0654\u0657-\u065b\u065d-\u065e\u06df-\u06e2\u06eb-\u06ec\u0730\u0732-\u0733\u0735-\u0736\u073a\u073d\u073f-\u0741\u0743\u0745\u0747\u07eb-\u07f1\u0951\u0958-\u095f\u09dc-\u09dd\u09df\u0a33\u0a36\u0a59-\u0a5b\u0a5e\u0b5c-\u0b5d\u0e38-\u0e39\u0f43\u0f4d\u0f52\u0f57\u0f5c\u0f69\u0f72-\u0f76\u0f78\u0f80-\u0f83\u0f93\u0f9d\u0fa2\u0fa7\u0fac\u0fb9\u1939-\u193a\u1a17\u1b6b\u1cda-\u1cdb\u1dc0-\u1dcf\u1dfc\u1dfe\u1f71\u1f73\u1f75\u1f77\u1f79\u1f7b\u1f7d\u1fbb\u1fbe\u1fc9\u1fcb\u1fd3\u1fdb\u1fe3\u1feb\u1fee-\u1fef\u1ff9\u1ffb\u1ffd\u2000-\u2001\u20d0-\u20d1\u20d4-\u20d7\u20e7-\u20e9\u2126\u212a-\u212b\u2329-\u232a\u2adc\u302b-\u302c\uaab2-\uaab3\uf900-\ufa0d\ufa10\ufa12\ufa15-\ufa1e\ufa20\ufa22\ufa25-\ufa26\ufa2a-\ufa2d\ufa30-\ufa6d\ufa70-\ufad9\ufb1d\ufb1f\ufb2a-\ufb36\ufb38-\ufb3c\ufb3e\ufb40-\ufb41\ufb43-\ufb44\ufb46-\ufb4e\ufff0-\uffff]/g
@@ -9,0 +10,0 @@ , extraLookup;

lib/utils/iframe.js

@@ -114,4 +114,3 @@ 'use strict';
 
-/* jshint undef: false, newcap: false */
-/* eslint no-undef: 0, new-cap: 0 */
+/* eslint no-undef: "off", new-cap: "off" */
 , createHtmlfile: function(iframeUrl, errorCallback) {
@@ -118,0 +117,0 @@ var axo = ['Active'].concat('Object').join('X');

lib/version.js

@@ -1,1 +0,1 @@
-module.exports = '1.1.1';
+module.exports = '1.1.2';

package.json

 {
   "name": "sockjs-client",
   "description": "SockJS-client is a browser JavaScript library that provides a WebSocket-like object. SockJS gives you a coherent, cross-browser, Javascript API which creates a low latency, full duplex, cross-domain communication channel between the browser and the web server.",
-  "version": "1.1.1",
+  "version": "1.1.2",
   "author": "Bryce Kahle",
@@ -28,3 +28,3 @@ "browser": {
     "debug": "^2.2.0",
-    "eventsource": "~0.1.6",
+    "eventsource": "0.1.6",
     "faye-websocket": "~0.11.0",
@@ -36,19 +36,21 @@ "inherits": "^2.0.1",
   "devDependencies": {
-    "browserify": "^6.1.0",
-    "envify": "~3.0.0",
+    "browserify": "^13.3.0",
+    "envify": "^4.0.0",
+    "eslint": "^3.14.0",
     "expect.js": "~0.3.1",
-    "gulp": "^3.8.8",
-    "gulp-eslint": "~0.1.8",
-    "gulp-header": "^1.2.2",
-    "gulp-mocha": "~1.1.1",
+    "gulp": "^3.9.1",
+    "gulp-header": "^1.8.8",
     "gulp-rename": "~1.2.0",
-    "gulp-sourcemaps": "~1.2.4",
-    "gulp-uglify": "~1.0.1",
-    "mocha": "^1.21.5",
+    "gulp-replace": "^0.5.4",
+    "gulp-sourcemaps": "^2.4.0",
+    "gulp-uglify": "^2.0.0",
+    "mocha": "^3.2.0",
     "node-static": "^0.7.6",
-    "proxyquire": "~1.0.1",
+    "proxyquire": "^1.7.10",
+    "pump": "^1.0.2",
     "sockjs": "^0.3.17",
     "vinyl-buffer": "~1.0.0",
     "vinyl-source-stream": "^1.0.0",
-    "zuul": "git://github.com/brycekahle/zuul#ngrok"
+    "zuul": "github:brycekahle/zuul#ngrok",
+    "zuul-ngrok": "github:brycekahle/zuul-ngrok#master"
   },
@@ -67,8 +69,12 @@ "homepage": "http://sockjs.org",
   "scripts": {
-    "test": "make test",
-    "test_local": "zuul --local 9090 -- tests/browser.js",
-    "zuul": "zuul -- tests/browser.js",
+    "test": "mocha tests/node.js",
+    "test:bundle": "gulp testbundle",
+    "test:browser_local": "npm run test:bundle && zuul --disable-tunnel --local 9090 -- tests/browser.js",
+    "test:browser_remote": "npm run test:bundle && zuul -- tests/browser.js",
     "gulp": "gulp",
-    "lint": "gulp eslint"
+    "lint": "eslint .",
+    "version": "gulp release && git add -A dist lib/version.js",
+    "postversion": "npm publish",
+    "postpublish": "git push origin --all && git push origin --tags"
   }
 }

README.md

@@ -29,3 +29,3 @@
  * The API should follow
-   [HTML5 Websockets API](http://dev.w3.org/html5/websockets/) as
+   [HTML5 Websockets API](https://www.w3.org/TR/websockets/) as
    closely as possible.
@@ -60,6 +60,7 @@ * All the transports must support cross domain connections out of the
   * [SockJS-twisted](https://github.com/DesertBus/sockjs-twisted/) Python/Twisted server
-  * [Spring Framework](http://projects.spring.io/spring-framework) Java [client](http://docs.spring.io/spring-framework/docs/current/spring-framework-reference/html/websocket.html#websocket-fallback-sockjs-client) & server
+  * [SockJS-aiohttp](https://github.com/aio-libs/sockjs/) Python/Aiohttp server
+  * [Spring Framework](https://projects.spring.io/spring-framework) Java [client](https://docs.spring.io/spring-framework/docs/current/spring-framework-reference/html/websocket.html#websocket-fallback-sockjs-client) & server
   * [vert.x](https://github.com/vert-x/vert.x) Java/vert.x server
-  * [Xitrum](http://xitrum-framework.github.io/) Scala server
-  * [Atmosphere Framework](http://github.com/Atmosphere/atmosphere) JavaEE Server, Play Framework, Netty, Vert.x
+  * [Xitrum](https://xitrum-framework.github.io/) Scala server
+  * [Atmosphere Framework](https://github.com/Atmosphere/atmosphere) JavaEE Server, Play Framework, Netty, Vert.x
 
@@ -80,3 +81,3 @@ Work in progress:
 
-SockJS mimics the [WebSockets API](http://dev.w3.org/html5/websockets/),
+SockJS mimics the [WebSockets API](https://www.w3.org/TR/websockets/),
 but instead of `WebSocket` there is a `SockJS` Javascript object.
@@ -88,3 +89,3 @@
 ```html
-<script src="//cdn.jsdelivr.net/sockjs/1/sockjs.min.js"></script>
+<script src="https://cdn.jsdelivr.net/sockjs/1/sockjs.min.js"></script>
 ```
@@ -96,3 +97,3 @@
 ```javascript
- var sock = new SockJS('http://mydomain.com/my_prefix');
+ var sock = new SockJS('https://mydomain.com/my_prefix');
  sock.onopen = function() {
@@ -155,3 +156,3 @@ console.log('open');
 connections - usually [browsers don't allow opening more than two
-outgoing connections to a single domain](http://stackoverflow.com/questions/985431/max-parallel-http-connections-in-a-browser). A single SockJS session
+outgoing connections to a single domain](https://stackoverflow.com/questions/985431/max-parallel-http-connections-in-a-browser). A single SockJS session
 requires those two connections - one for downloading data, the other for
@@ -221,4 +222,4 @@ sending messages.  Opening a second SockJS session at the same time
 xdr-streaming        | Transport using [XDomainRequest][^9] [streaming][^7] capability (readyState=3).
-eventsource          | [EventSource][^4].
-iframe-eventsource   | [EventSource][^4] used from an [iframe via postMessage][^3].
+eventsource          | [EventSource/Server-sent events][^4].
+iframe-eventsource   | [EventSource/Server-sent events][^4] used from an [iframe via postMessage][^3].
 htmlfile             | [HtmlFile][^8].
@@ -232,6 +233,6 @@ iframe-htmlfile      | [HtmlFile][^8] used from an [iframe via postMessage][^3].
 
-[^1]: http://tools.ietf.org/html/draft-hixie-thewebsocketprotocol-76
-[^2]: http://tools.ietf.org/html/draft-ietf-hybi-thewebsocketprotocol-10
+[^1]: https://tools.ietf.org/html/draft-hixie-thewebsocketprotocol-76
+[^2]: https://tools.ietf.org/html/draft-ietf-hybi-thewebsocketprotocol-10
 [^3]: https://developer.mozilla.org/en/DOM/window.postMessage
-[^4]: http://dev.w3.org/html5/eventsource/
+[^4]: https://html.spec.whatwg.org/multipage/comms.html#server-sent-events
 [^5]: https://secure.wikimedia.org/wikipedia/en/wiki/XMLHttpRequest#Cross-domain_requests
@@ -241,4 +242,4 @@ [^6]: https://secure.wikimedia.org/wikipedia/en/wiki/JSONP
 [^8]: http://cometdaily.com/2007/11/18/ie-activexhtmlfile-transport-part-ii/
-[^9]: http://blogs.msdn.com/b/ieinternals/archive/2010/05/13/xdomainrequest-restrictions-limitations-and-workarounds.aspx
-[^10]: http://www.rfc-editor.org/rfc/rfc6455.txt
+[^9]: https://blogs.msdn.microsoft.com/ieinternals/2010/05/13/xdomainrequest-restrictions-limitations-and-workarounds/
+[^10]: https://www.rfc-editor.org/rfc/rfc6455.txt
 
@@ -270,3 +271,3 @@
 ```html
-<script src="//cdn.jsdelivr.net/sockjs/1/sockjs.min.js"></script>
+<script src="https://cdn.jsdelivr.net/sockjs/1/sockjs.min.js"></script>
 ```
@@ -283,3 +284,3 @@
 
-SockJS-client needs [node.js](http://nodejs.org/) for running a test
+SockJS-client needs [node.js](https://nodejs.org/) for running a test
 server and JavaScript minification. If you want to work on
@@ -307,3 +308,3 @@ SockJS-client source code, checkout the git repo and follow these
 
-    make test-local
+    npm run test:browser_local
 
@@ -322,6 +323,6 @@ This will start [zuul](https://github.com/defunctzombie/zuul) and a test support server. Open the browser to [http://localhost:9090/_zuul](http://localhost:9090/_zuul) and watch the tests run.
  * You can't open more than one SockJS connection to one domain at the
-   same time due to [the browser's limit of concurrent connections](http://stackoverflow.com/questions/985431/max-parallel-http-connections-in-a-browser)
+   same time due to [the browser's limit of concurrent connections](https://stackoverflow.com/questions/985431/max-parallel-http-connections-in-a-browser)
    (this limit is not counting native WebSocket connections).
  * Although SockJS is trying to escape any strange Unicode characters
-   (even invalid ones - [like surrogates \xD800-\xDBFF](http://en.wikipedia.org/wiki/Mapping_of_Unicode_characters#Surrogates) or [\xFFFE and \xFFFF](https://en.wikipedia.org/wiki/Unicode#Character_General_Category))
+   (even invalid ones - [like surrogates \xD800-\xDBFF](https://en.wikipedia.org/wiki/Mapping_of_Unicode_characters#Surrogates) or [\xFFFE and \xFFFF](https://en.wikipedia.org/wiki/Unicode#Character_General_Category))
    it's advisable to use only valid characters. Using invalid
@@ -348,3 +349,2 @@ characters is a bit slower, and may not work with SockJS servers
    you're a serious SockJS user then consider using SSL
-   ([more info](http://www.ietf.org/mail-archive/web/hybi/current/msg01605.html)).
-
+   ([more info](https://www.ietf.org/mail-archive/web/hybi/current/msg01605.html)).

New alerts

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Minified code

Quality

This package contains minified code. This may be harmless in some cases where minified code is included in packaged libraries, however packages on npm should not minify code.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

809344

522.49%

Number of package files

68

11.48%

Lines of code

8265

165.93%

Worsened metrics

Dev dependency count

19

11.76%

Number of low quality alerts

1

Infinity%

Number of low supply chain risk alerts

48

118.18%

Number of medium supply chain risk alerts

4

100%

Dependency changes

• Updated

  eventsource@0.1.6