sq-native - npm Package Compare versions
Comparing version 0.14.0 to 1.0.0
121
index.js
@@ -7,2 +7,74 @@ 'use strict'; // FIXME copyright | ||
| const handleResponse = function (self, res) { | ||
| if (!res) { | ||
| return {}; | ||
| } | ||
| if (res.status === 'error') { | ||
| const err = new Error('runPowerWAF returned an error'); | ||
| err.waf = res; | ||
| if (res.error_code === Binding.PW_ERR_INVALID_CALL) { | ||
| err.waf.args = [self.id, params, budget]; | ||
| } | ||
| err.waf.waf_rule = self.id; | ||
| delete err.waf.status; | ||
| throw err; | ||
| } | ||
| const ret = {}; | ||
| if (res.perfTotalRuntime) { | ||
| ret.perfTotalRuntime = res.perfTotalRuntime; | ||
| } | ||
| if (res.perfData) { | ||
| ret.perfData = JSON.parse(res.perfData); | ||
| } | ||
| if (res.data) { | ||
| ret.record = { | ||
| waf_data: res.data | ||
| }; | ||
| } | ||
| if (res.status) { | ||
| ret.status = res.status; | ||
| } | ||
| return ret; | ||
| }; | ||
| const AdditiveContext = class { | ||
| constructor(key, id) { | ||
| this.key = key; | ||
| this.id = id; | ||
| this.finished = false; | ||
| } | ||
| _checkState() { | ||
| if (this.finished === true) { | ||
| throw new Error('Calling a disposed context'); | ||
| } | ||
| } | ||
| run(params, budget) { | ||
| this._checkState(); | ||
| let res; | ||
| try { | ||
| res = Binding.run_additive(this.key, params, budget); // TODO: measure binding costs too | ||
| } | ||
| catch (e) { | ||
| e.waf = { | ||
| args: [this.id, params, budget] | ||
| }; | ||
| throw e; | ||
| } | ||
| return handleResponse(this, res); | ||
| } | ||
| dispose() { | ||
| this._checkState(); | ||
| this.finished = true; | ||
| Binding.clear_additive(this.key); | ||
| } | ||
| }; | ||
| module.exports = class { | ||
@@ -15,3 +87,3 @@ | ||
| try { | ||
| Binding.powerwaf_initializePowerWAF(id, rule); | ||
| Binding.initialize(id, rule); | ||
| } | ||
@@ -25,3 +97,3 @@ catch (e) { | ||
| run(params, budget) { | ||
| _checkInit() { | ||
@@ -31,5 +103,17 @@ if (this.isInit !== true) { | ||
| } | ||
| } | ||
| startAdditive() { | ||
| this._checkInit(); | ||
| const key = Binding.start_additive(this.id); | ||
| return new AdditiveContext(key); | ||
| } | ||
| run(params, budget) { | ||
| this._checkInit(); | ||
| let res; | ||
| try { | ||
| res = Binding.powerwaf_run(this.id, params, budget); // TODO: measure binding costs too | ||
| res = Binding.run(this.id, params, budget); // TODO: measure binding costs too | ||
| } | ||
@@ -42,28 +126,3 @@ catch (e) { | ||
| } | ||
| if (!res) { | ||
| return {}; | ||
| } | ||
| if (res.status === 'error') { | ||
| const err = new Error('runPowerWAF returned an error'); | ||
| err.waf = res; | ||
| if (res.error_code === Binding.PW_ERR_INVALID_CALL) { | ||
| err.waf.args = [this.id, params, budget]; | ||
| } | ||
| err.waf.waf_rule = this.id; | ||
| delete err.waf.status; | ||
| throw err; | ||
| } | ||
| const ret = {}; | ||
| if (res.data) { | ||
| ret.record = { | ||
| waf_data: res.data | ||
| }; | ||
| } | ||
| if (res.status) { | ||
| ret.status = res.status; | ||
| } | ||
| return ret; | ||
| return handleResponse(this, res); | ||
| } | ||
@@ -73,3 +132,3 @@ | ||
| const version = Binding.powerwaf_get_version(); | ||
| const version = Binding.get_version(); | ||
| return `${version.major}.${version.minor}.${version.patch}`; | ||
@@ -80,3 +139,3 @@ } | ||
| return Binding.powerwaf_clearAll(); | ||
| return Binding.clear_all(); | ||
| } | ||
@@ -83,0 +142,0 @@ }; |
| { | ||
| "name": "sq-native", | ||
| "version": "0.14.0", | ||
| "version": "1.0.0", | ||
| "description": "Node.js binding for libsqreen", | ||
| "main": "index.js", | ||
| "scripts": { | ||
| "install": "binary-downloader" | ||
| "install": "node ./install.js" | ||
| }, | ||
@@ -12,10 +12,9 @@ "author": "vdeturckheim (vladimir@sqreen.com)", | ||
| "dependencies": { | ||
| "binary-downloader": "^0.2.0" | ||
| "binary-downloader": "^0.2.0", | ||
| "detect-libc": "^1.0.3", | ||
| "tar": "^4.4.13" | ||
| }, | ||
| "binary": { | ||
| "module_name": "libsqreen", | ||
| "module_path": "./bindings/{node_napi_label}", | ||
| "remote_path": "./nodejs/libsqreen/b20200625.12/{platform}-{libc}/{arch}/", | ||
| "package_name": "{node_napi_label}.tar.gz", | ||
| "host": "https://sqreen-download-public.s3-eu-west-1.amazonaws.com/", | ||
| "module_name": "libsqreen-{node_napi_label}", | ||
| "module_path": "./bindings", | ||
| "napi_versions": [ | ||
@@ -22,0 +21,0 @@ 3 |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Install scripts
Supply chain riskInstall scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.
Found 1 instance in 1 package
Native code
Supply chain riskContains native code (e.g., compiled binaries or shared libraries). Including native code can obscure malicious behavior.
Found 4 instances in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Install scripts
Supply chain riskInstall scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.
Found 1 instance in 1 package
No v1
QualityPackage is not semver >=1. This means it is not stable and does not support ^ ranges.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by142540.14%
3681542
- Number of package files
- increased by250%
7
- Lines of code
- increased by135.38%
153
- Number of low quality alerts
- decreased by-50%
1
Worsened metrics
- Dependency count
- increased by200%
3
- Number of low supply chain risk alerts
- increased by50%
3
- Number of medium supply chain risk alerts
- increased byInfinity%
4
Dependency changes
+ Addeddetect-libc@^1.0.3
+ Addedtar@^4.4.13