Comparing version 4.1.1 to 4.1.2
@@ -5,2 +5,12 @@ # Change Log | ||
| <a name="4.1.2"></a> | ||
| ## [4.1.2](https://github.com/zkat/ssri/compare/v4.1.1...v4.1.2) (2017-04-18) | ||
| ### Bug Fixes | ||
| * **stream:** _flush can be called multiple times. use on("end") ([b1c4805](https://github.com/zkat/ssri/commit/b1c4805)) | ||
| <a name="4.1.1"></a> | ||
@@ -7,0 +17,0 @@ ## [4.1.1](https://github.com/zkat/ssri/compare/v4.1.0...v4.1.1) (2017-04-12) |
74
index.js
@@ -245,40 +245,38 @@ 'use strict' | ||
| cb(null, chunk, enc) | ||
| }, | ||
| flush (done) { | ||
| const optString = (opts.options && opts.options.length) | ||
| ? `?${opts.options.join('?')}` | ||
| : '' | ||
| const newSri = parse(hashes.map((h, i) => { | ||
| return `${algorithms[i]}-${h.digest('base64')}${optString}` | ||
| }).join(' '), opts) | ||
| const match = ( | ||
| // Integrity verification mode | ||
| opts.integrity && | ||
| digests.find(hash => { | ||
| return newSri[algorithm].find(newhash => { | ||
| return hash.digest === newhash.digest | ||
| }) | ||
| } | ||
| }).on('end', () => { | ||
| const optString = (opts.options && opts.options.length) | ||
| ? `?${opts.options.join('?')}` | ||
| : '' | ||
| const newSri = parse(hashes.map((h, i) => { | ||
| return `${algorithms[i]}-${h.digest('base64')}${optString}` | ||
| }).join(' '), opts) | ||
| const match = ( | ||
| // Integrity verification mode | ||
| opts.integrity && | ||
| digests.find(hash => { | ||
| return newSri[algorithm].find(newhash => { | ||
| return hash.digest === newhash.digest | ||
| }) | ||
| ) | ||
| if (typeof opts.size === 'number' && streamSize !== opts.size) { | ||
| const err = new Error(`stream size mismatch when checking ${sri}.\n Wanted: ${opts.size}\n Found: ${streamSize}`) | ||
| err.code = 'EBADSIZE' | ||
| err.found = streamSize | ||
| err.expected = opts.size | ||
| err.sri = sri | ||
| stream.emit('error', err) | ||
| } else if (opts.integrity && !match) { | ||
| const err = new Error(`${sri} integrity checksum failed when using ${algorithm}`) | ||
| err.code = 'EINTEGRITY' | ||
| err.found = newSri | ||
| err.expected = digests | ||
| err.algorithm = algorithm | ||
| err.sri = sri | ||
| stream.emit('error', err) | ||
| } else { | ||
| stream.emit('size', streamSize) | ||
| stream.emit('integrity', newSri) | ||
| match && stream.emit('verified', match) | ||
| } | ||
| done() | ||
| }) | ||
| ) | ||
| if (typeof opts.size === 'number' && streamSize !== opts.size) { | ||
| const err = new Error(`stream size mismatch when checking ${sri}.\n Wanted: ${opts.size}\n Found: ${streamSize}`) | ||
| err.code = 'EBADSIZE' | ||
| err.found = streamSize | ||
| err.expected = opts.size | ||
| err.sri = sri | ||
| stream.emit('error', err) | ||
| } else if (opts.integrity && !match) { | ||
| const err = new Error(`${sri} integrity checksum failed when using ${algorithm}: wanted ${digests} but got ${newSri}. (${streamSize} bytes)`) | ||
| err.code = 'EINTEGRITY' | ||
| err.found = newSri | ||
| err.expected = digests | ||
| err.algorithm = algorithm | ||
| err.sri = sri | ||
| stream.emit('error', err) | ||
| } else { | ||
| stream.emit('size', streamSize) | ||
| stream.emit('integrity', newSri) | ||
| match && stream.emit('verified', match) | ||
| } | ||
@@ -309,3 +307,3 @@ }) | ||
| `${algo}-${digest}${optString}`, | ||
| opts | ||
| opts | ||
| ) | ||
@@ -312,0 +310,0 @@ if (hash.algorithm && hash.digest) { |
| { | ||
| "name": "ssri", | ||
| "version": "4.1.1", | ||
| "version": "4.1.2", | ||
| "description": "Standard Subresource Integrity library -- parses, serializes, generates, and verifies integrity metadata according to the SRI spec.", | ||
@@ -5,0 +5,0 @@ "main": "index.js", |
No alert changes
Improved metrics
- Total package byte prevSize
- increased by0.62%
34582
Worsened metrics
- Lines of code
- decreased by-0.64%
312
No dependency changes