Comparing version 8.0.0 to 8.0.1
@@ -5,2 +5,9 @@ # Changelog | ||
### [8.0.1](https://github.com/npm/ssri/compare/v8.0.0...v8.0.1) (2021-01-27) | ||
### Bug Fixes | ||
* simplify regex for strict mode, add tests ([76e2233](https://github.com/npm/ssri/commit/76e223317d971f19e4db8191865bdad5edee40d2)) | ||
## [8.0.0](https://github.com/npm/ssri/compare/v7.1.0...v8.0.0) (2020-02-18) | ||
@@ -7,0 +14,0 @@ |
@@ -12,3 +12,3 @@ 'use strict' | ||
const SRI_REGEX = /^([a-z0-9]+)-([^?]+)([?\S*]*)$/ | ||
const STRICT_SRI_REGEX = /^([a-z0-9]+)-([A-Za-z0-9+/=]{44,88})(\?[\x21-\x7E]*)*$/ | ||
const STRICT_SRI_REGEX = /^([a-z0-9]+)-([A-Za-z0-9+/=]{44,88})(\?[\x21-\x7E]*)?$/ | ||
const VCHAR_REGEX = /^[\x21-\x7E]+$/ | ||
@@ -28,3 +28,4 @@ | ||
const getOptString = options => !options || !options.length ? '' | ||
const getOptString = options => !options || !options.length | ||
? '' | ||
: `?${options.join('?')}` | ||
@@ -31,0 +32,0 @@ |
{ | ||
"name": "ssri", | ||
"version": "8.0.0", | ||
"version": "8.0.1", | ||
"description": "Standard Subresource Integrity library -- parses, serializes, generates, and verifies integrity metadata according to the SRI spec.", | ||
@@ -45,4 +45,4 @@ "main": "index.js", | ||
"devDependencies": { | ||
"standard": "^14.3.1", | ||
"standard-version": "^7.1.0", | ||
"standard": "^16.0.3", | ||
"standard-version": "^9.1.0", | ||
"tap": "^14.10.6" | ||
@@ -49,0 +49,0 @@ }, |
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
46908
425
1