sq-native - npm Package Compare versions

Comparing version 0.14.0 to 1.0.0

index.js

@@ -7,2 +7,74 @@ 'use strict'; // FIXME copyright
 
+const handleResponse = function (self, res) {
+
+    if (!res) {
+        return {};
+    }
+
+    if (res.status === 'error') {
+        const err = new Error('runPowerWAF returned an error');
+        err.waf = res;
+        if (res.error_code === Binding.PW_ERR_INVALID_CALL) {
+            err.waf.args = [self.id, params, budget];
+        }
+        err.waf.waf_rule = self.id;
+        delete err.waf.status;
+        throw err;
+    }
+    const ret = {};
+    if (res.perfTotalRuntime) {
+        ret.perfTotalRuntime = res.perfTotalRuntime;
+    }
+    if (res.perfData) {
+        ret.perfData = JSON.parse(res.perfData);
+    }
+    if (res.data) {
+        ret.record = {
+            waf_data: res.data
+        };
+    }
+    if (res.status) {
+        ret.status = res.status;
+    }
+    return ret;
+};
+
+const AdditiveContext = class {
+
+    constructor(key, id) {
+        this.key = key;
+        this.id = id;
+        this.finished = false;
+    }
+
+    _checkState() {
+
+        if (this.finished === true) {
+            throw new Error('Calling a disposed context');
+        }
+    }
+
+    run(params, budget) {
+
+        this._checkState();
+        let res;
+        try {
+            res = Binding.run_additive(this.key, params, budget); // TODO: measure binding costs too
+        }
+        catch (e) {
+            e.waf = {
+                args: [this.id, params, budget]
+            };
+            throw e;
+        }
+        return handleResponse(this, res);
+    }
+
+    dispose() {
+        this._checkState();
+        this.finished = true;
+        Binding.clear_additive(this.key);
+    }
+};
+
 module.exports = class {
@@ -15,3 +87,3 @@
         try {
-            Binding.powerwaf_initializePowerWAF(id, rule);
+            Binding.initialize(id, rule);
         }
@@ -25,3 +97,3 @@ catch (e) {
 
-    run(params, budget) {
+    _checkInit() {
 
@@ -31,5 +103,17 @@ if (this.isInit !== true) {
         }
+    }
+
+    startAdditive() {
+
+        this._checkInit();
+        const key = Binding.start_additive(this.id);
+        return new AdditiveContext(key);
+    }
+
+    run(params, budget) {
+
+        this._checkInit();
         let res;
         try {
-            res = Binding.powerwaf_run(this.id, params, budget); // TODO: measure binding costs too
+            res = Binding.run(this.id, params, budget); // TODO: measure binding costs too
         }
@@ -42,28 +126,3 @@ catch (e) {
         }
-        if (!res) {
-            return {};
-        }
-
-        if (res.status === 'error') {
-            const err = new Error('runPowerWAF returned an error');
-            err.waf = res;
-            if (res.error_code === Binding.PW_ERR_INVALID_CALL) {
-                err.waf.args = [this.id, params, budget];
-            }
-            err.waf.waf_rule = this.id;
-            delete err.waf.status;
-            throw err;
-        }
-
-
-        const ret = {};
-        if (res.data) {
-            ret.record = {
-                waf_data: res.data
-            };
-        }
-        if (res.status) {
-            ret.status = res.status;
-        }
-        return ret;
+        return handleResponse(this, res);
     }
@@ -73,3 +132,3 @@
 
-        const version = Binding.powerwaf_get_version();
+        const version = Binding.get_version();
         return `${version.major}.${version.minor}.${version.patch}`;
@@ -80,3 +139,3 @@ }
 
-        return Binding.powerwaf_clearAll();
+        return Binding.clear_all();
     }
@@ -83,0 +142,0 @@ };

package.json

 {
   "name": "sq-native",
-  "version": "0.14.0",
+  "version": "1.0.0",
   "description": "Node.js binding for libsqreen",
   "main": "index.js",
   "scripts": {
-    "install": "binary-downloader"
+    "install": "node ./install.js"
   },
@@ -12,10 +12,9 @@ "author": "vdeturckheim (vladimir@sqreen.com)",
   "dependencies": {
-    "binary-downloader": "^0.2.0"
+    "binary-downloader": "^0.2.0",
+    "detect-libc": "^1.0.3",
+    "tar": "^4.4.13"
   },
   "binary": {
-    "module_name": "libsqreen",
-    "module_path": "./bindings/{node_napi_label}",
-    "remote_path": "./nodejs/libsqreen/b20200625.12/{platform}-{libc}/{arch}/",
-    "package_name": "{node_napi_label}.tar.gz",
-    "host": "https://sqreen-download-public.s3-eu-west-1.amazonaws.com/",
+    "module_name": "libsqreen-{node_napi_label}",
+    "module_path": "./bindings",
     "napi_versions": [
@@ -22,0 +21,0 @@ 3

New alerts

Install scripts

Supply chain risk

Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

Fixed alerts

Install scripts

Supply chain risk

Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.

Found 1 instance in 1 package

No v1

Quality

Package is not semver >=1. This means it is not stable and does not support ^ ranges.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

3681542

increased by142540.14%

Number of package files

7

increased by250%

Lines of code

153

increased by135.38%

Number of low quality alerts

1

decreased by-50%

Worsened metrics

Dependency count

3

increased by200%

Number of low supply chain risk alerts

3

increased by50%

Dependency changes

• + Addeddetect-libc@^1.0.3

• + Addedtar@^4.4.13