tdoc-api - npm Package Compare versions

Comparing version 0.4.5 to 0.4.6

index.js

@@ -15,3 +15,4 @@ /*!
         maxSockets: 4, // do not use more than 4 parallel connections
-    });
+    }),
+    reEtag = /^"([0-9A-F]+)[-"]/;
 
@@ -109,5 +110,10 @@ function TDoc(address, username, password) {
         if ('etag' in resp.header) {
-            const h = crypto.createHash('sha256').update(resp.body).digest('hex').toUpperCase();
-            if (resp.header.etag.indexOf(h) != 1)
-                throw new Error('Hash value mismatch.');
+            const m = reEtag.exec(resp.header.etag);
+            if (m) {
+                const declared = m[1];
+                const algo = declared.length < 64 ? 'sha1' : 'sha256';
+                const calc = crypto.createHash(algo).update(resp.body).digest('hex').toUpperCase();
+                if (calc != declared)
+                    throw new Error('Hash value mismatch.');
+            }
         }
@@ -217,5 +223,5 @@ return resp.body;
     const data = {
-            meta: p.meta,
-            value: p.value,
-        };
+        meta: p.meta,
+        value: p.value,
+    };
     if (p.user) data.user = p.user;
@@ -228,5 +234,5 @@ if (p.company) data.company = p.company;
     const data = {
-            doctype: p.doctype,
-            meta: JSON.stringify(p.meta)
-        };
+        doctype: p.doctype,
+        meta: JSON.stringify(p.meta),
+    };
     if (p.user) data.user = p.user;
@@ -284,6 +290,6 @@ if (p.company) data.company = p.company;
     const data = {
-            company: p.company,
-            doctype: p.doctype,
-            filename: p.filename,
-        };
+        company: p.company,
+        doctype: p.doctype,
+        filename: p.filename,
+    };
     if (p.user) data.user = p.user;
@@ -290,0 +296,0 @@ return parcelPOST(me, 'docs/parcel/create', data);

package.json

 {
   "name": "tdoc-api",
-  "version": "0.4.5",
+  "version": "0.4.6",
   "description": "Wrapper around tDoc REST-ful APIs",
@@ -5,0 +5,0 @@ "main": "index.js",

Fixed alerts

AI-detected possible typosquat

Supply chain risk

AI has identified this package as a potential typosquat of a more popular package. This suggests that the package may be intentionally mimicking another package's name, description, or other metadata.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

17856

increased by1.06%

Lines of code

348

increased by1.75%

Number of medium supply chain risk alerts

1

decreased by-50%

No dependency changes