spdy - npm Package Compare versions

Comparing version 1.32.4 to 1.32.5

lib/spdy/protocol/framer.js

@@ -7,2 +7,4 @@ var spdy = require('../../spdy');
 
+var empty = new Buffer(0);
+
 function Framer() {
@@ -314,3 +316,3 @@ EventEmitter.call(this);
   if (!fin && !data.length)
-    return callback(null, []);
+    return callback(null, empty);
 
@@ -317,0 +319,0 @@ var frame = new Buffer(8 + data.length);

lib/spdy/stream.js

@@ -10,2 +10,4 @@ var spdy = require('../spdy');
 
+var empty = new Buffer(0);
+
 if (!/^v(0\.10|0\.8|0\.9)\./.test(process.version))
@@ -185,3 +187,3 @@ var httpCommon = require('_http_common');
     var self = this;
-    this._writeData(true, [], function() {
+    this._writeData(true, empty, function() {
       state.closedBy.us = true;
@@ -188,0 +190,0 @@ if (state.sinkBuffer.length !== 0)

package.json

 {
   "name": "spdy",
-  "version": "1.32.4",
+  "version": "1.32.5",
   "description": "Implementation of the SPDY protocol on node.js.",
@@ -5,0 +5,0 @@ "license": "MIT",

test/unit/stream-test.js

@@ -371,2 +371,42 @@ var assert = require('assert'),
   }
+
+  test('it should not attempt to send empty arrays', function(done) {
+    var server = spdy.createServer(keys);
+    var agent;
+
+    server.on('request', function(req, res) {
+      setTimeout(function() {
+        res.end();
+        done();
+        server.close();
+        agent.close();
+      }, 100);
+    });
+
+    server.listen(PORT, function() {
+      agent = spdy.createAgent({
+        port: PORT,
+        rejectUnauthorized: false
+      }).on('error', function(err) {
+        done(err);
+      });
+
+      var body = new Buffer([1,2,3,4]);
+
+      var opts = {
+        method: 'POST',
+        headers: {
+          'Host': 'localhost',
+          'Content-Length': body.length
+        },
+        path: '/some-url',
+        agent: agent
+      };
+
+      var req = https.request(opts, function(res) {
+      }).on('error', function(err) {
+      });
+      req.end(body);
+    });
+  });
 });

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

157491

increased by5.24%

Number of package files

27

increased by8%

Lines of code

4563

increased by2.68%

Worsened metrics

Number of low supply chain risk alerts

3

increased by200%

Number of medium supply chain risk alerts

17

increased by13.33%

No dependency changes