then-request - npm Package Compare versions

Comparing version 2.2.0 to 3.0.0

lib/handle-qs.js

@@ -1,22 +0,18 @@
-'use strict';
-
-var parse = require('qs').parse;
-var stringify = require('qs').stringify;
-
-module.exports = handleQs;
+"use strict";
+exports.__esModule = true;
+var qs_1 = require("qs");
 function handleQs(url, query) {
-  url = url.split('?');
-  var start = url[0];
-  var qs = (url[1] || '').split('#')[0];
-  var end = url[1] && url[1].split('#').length > 1 ? '#' + url[1].split('#')[1] : '';
-
-  var baseQs = parse(qs);
-  for (var i in query) {
-    baseQs[i] = query[i];
-  }
-  qs = stringify(baseQs);
-  if (qs !== '') {
-    qs = '?' + qs;
-  }
-  return start + qs + end;
+    var _a = url.split('?'), start = _a[0], part2 = _a[1];
+    var qs = (part2 || '').split('#')[0];
+    var end = part2 && part2.split('#').length > 1 ? '#' + part2.split('#')[1] : '';
+    var baseQs = qs_1.parse(qs);
+    for (var i in query) {
+        baseQs[i] = query[i];
+    }
+    qs = qs_1.stringify(baseQs);
+    if (qs !== '') {
+        qs = '?' + qs;
+    }
+    return start + qs + end;
 }
+exports["default"] = handleQs;

package.json

 {
   "name": "then-request",
-  "version": "2.2.0",
+  "version": "3.0.0",
   "description": "A request library that returns promises, inspired by request",
   "keywords": [],
-  "browser": "./browser.js",
+  "main": "lib/index.js",
+  "browser": "lib/browser.js",
+  "types": "lib/index.d.ts",
+  "files": [
+    "lib"
+  ],
   "dependencies": {
+    "@types/concat-stream": "^1.6.0",
+    "@types/node": "^7.0.31",
+    "@types/qs": "^6.2.31",
     "caseless": "~0.11.0",
     "concat-stream": "^1.4.7",
-    "http-basic": "^2.5.1",
-    "http-response-object": "^1.1.0",
-    "promise": "^7.1.1",
+    "http-basic": "^5.0.3",
+    "http-response-object": "^2.0.3",
+    "promise": "^7.3.0",
     "qs": "^6.1.0"
@@ -18,2 +26,3 @@ },
     "exorcist": "^0.1.6",
+    "flowgen2": "^2.0.0-alpha.10",
     "istanbul": "^0.3.5",
@@ -23,11 +32,14 @@ "minifyify": "^6.0.0",
     "rimraf": "^2.2.8",
-    "testit": "^1.2.0"
+    "testit": "^1.2.0",
+    "typescript": "^2.3.4"
   },
   "scripts": {
+    "pretest": "npm run build:types",
     "test": "node test/index.js && istanbul cover test/index.js",
+    "prepublishOnly": "npm run build",
     "prebuild": "rimraf dist && mkdirp dist",
-    "prepublish": "npm run build",
-    "build": "npm run build:full && npm run build:min",
-    "build:full": "browserify -d --standalone request browser.js | exorcist -u request.js.map dist/request.js.map > dist/request.js",
-    "build:min": "browserify -d --standalone request browser.js -p [minifyify --compressPath . --map request.min.js.map --output dist/request.min.js.map] > dist/request.min.js"
+    "build": "npm run build:types && npm run build:full && npm run build:min",
+    "build:types": "tsc && flowgen lib/**/*",
+    "build:full": "browserify -d --standalone request lib/browser.js | exorcist -u request.js.map dist/request.js.map > dist/request.js",
+    "build:min": "browserify -d --standalone request lib/browser.js -p [minifyify --compressPath . --map request.min.js.map --output dist/request.min.js.map] > dist/request.min.js"
   },
@@ -34,0 +46,0 @@ "repository": {

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Network access

Supply chain risk

This module accesses the network.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Network access

Supply chain risk

This module accesses the network.

Found 2 instances in 1 package

Uses eval

Supply chain risk

Package uses eval() which is a dangerous function. This prevents the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Minified code

Quality

This package contains minified code. This may be harmless in some cases where minified code is included in packaged libraries, however packages on npm should not minify code.

Found 1 instance in 1 package

Improved metrics

Number of package files

22

increased by29.41%

Number of low quality alerts

1

decreased by-50%

Number of low supply chain risk alerts

0

decreased by-100%

Number of medium supply chain risk alerts

4

decreased by-60%

Worsened metrics

Total package byte prevSize

21778

decreased by-90.96%

Dependency count

9

increased by50%

Dev dependency count

9

increased by28.57%

Lines of code

287

decreased by-84.74%

Dependency changes

• + Added@types/concat-stream@^1.6.0

• + Added@types/node@^7.0.31

• + Added@types/qs@^6.2.31

• + Added@types/concat-stream@1.6.1(transitive)

• + Added@types/node@7.10.14(transitive)

• + Added@types/qs@6.9.16(transitive)

• + Addedhttp-basic@5.0.3(transitive)

• + Addedhttp-response-object@2.0.3(transitive)

• + Addedparse-cache-control@1.0.1(transitive)

• - Removedhttp-basic@2.5.1(transitive)

• - Removedhttp-response-object@1.1.0(transitive)

• Updatedhttp-basic@^5.0.3

• Updatedhttp-response-object@^2.0.3

• Updatedpromise@^7.3.0