🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more
Socket
DemoInstallSign in
Socket
DemoInstallSign in

useragent-ng

Package Overview
Dependencies
Maintainers
1
Versions
6
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

useragent-ng - npm Package Compare versions

Comparing version

2.4.2
to
2.4.3

4

CHANGELOG.md
## Version 2.0
- **v2.4.3**
- Slimmed down the size/complexity of the built regexps.js file. The regexps are now stored in a normal array.
- **v2.4.0**

@@ -4,0 +8,0 @@

100

lib/build.js

@@ -21,18 +21,18 @@ 'use strict';

function getKnown() {
const oldSource = fs.readFileSync(path.join(__dirname, './regexps.js'), 'utf8');
if (oldSource.match(/^\/\/ unbuilt/g)) {
try {
var known = new Set();
var old = require('./regexps');
for (var type in old) {
if (!old.hasOwnProperty(type)) continue;
var group = old[type];
for (var i = 0; i < group.length; i++) {
var regex = group[i][0].source;
known.add(regex);
}
}
return known;
} catch (e) {
if (e.code !== 'MODULE_NOT_FOUND') console.warn("Error parsing old regexps.js file. Ignoring and continuing...", e)
return null;
}
var old = require('./regexps');
var known = new Set();
for (var type in old) {
if (!old.hasOwnProperty(type)) continue;
var group = old[type];
for (var i = 0; i < group.length; i++) {
var regex = group[i][0].source;
known.add(regex);
}
}
return known;
}

@@ -154,7 +154,6 @@

var resources = data[details.resource]
, name = details.resource.replace('_parsers', '')
, resource
, regex
, source
, parser;
, parser
, compiled;

@@ -165,10 +164,11 @@ for (var i = 0, l = resources.length; i < l; i++) {

source = new RegExp(regex).source;
if (known && !known.has(source)) {
compiled = new RegExp(regex, resource.regex_flag);
if (known && !known.has(compiled.source)) {
// A quick check, regexes not matching those are clearly safe
// This check excludes about 35% of all regexps we have
if (!isSafe(source)) {
unsafe.push(source);
if (!isSafe(compiled.source)) {
unsafe.push(compiled.source);
}
known.add(source);
known.add(compiled.source);
}

@@ -178,15 +178,12 @@

// kinds of crap in the RegularExpression. If we don't do thing we get
// some illegal token warnings.
parser = 'parser = Object.create(null);\n';
parser += 'parser[0] = new RegExp('+ JSON.stringify(regex)
if (resource.regex_flag) {
parser += ',"' + resource.regex_flag + '"';
}
parser += ');\n';
// some illegal token warnings./(Linux)(?:[ /](\d+)\.(\d+)(?:\.(\d+)|)|)/
// parser = 'parser = Object.create(null);\n';
parser = ' [' + compiled.toString();
// Check if we have replacement for the parsed family name
if (resource[details.replacement]) {
parser += 'parser[1] = "'+ resource[details.replacement].replace('"', '\\"') +'";\n';
parser += ', "'+ resource[details.replacement].replace('"', '\\"') +'"';
} else {
parser += 'parser[1] = 0;\n';
parser += ', 0';
}

@@ -196,29 +193,31 @@

if (resource.brand_replacement) {
parser += 'parser[2] = "'+ resource.brand_replacement.replace('"', '\\"') +'";\n';
parser += ', "'+ resource.brand_replacement.replace('"', '\\"') +'"';
} else if (resource.model_replacement) {
parser += 'parser[2] = 0;\n';
parser += ', 0';
}
if (resource.model_replacement) {
parser += 'parser[3] = "'+ resource.model_replacement.replace('"', '\\"') +'";\n';
parser += ', "'+ resource.model_replacement.replace('"', '\\"') +'"';
}
} else {
if (resource.v1_replacement) {
parser += 'parser[2] = "'+ resource.v1_replacement.replace('"', '\\"') +'";\n';
parser += ', "'+ resource.v1_replacement.replace('"', '\\"') +'"';
} else if (resource.v2_replacement || resource.v3_replacement) {
parser += 'parser[2] = 0;\n';
parser += ', 0';
}
if (resource.v2_replacement) {
parser += 'parser[3] = "'+ resource.v2_replacement.replace('"', '\\"') +'";\n';
parser += ', "'+ resource.v2_replacement.replace('"', '\\"') +'"';
} else if (resource.v3_replacement) {
parser += 'parser[3] = 0;\n';
parser += ', 0';
}
if (resource.v3_replacement) {
parser += 'parser[4] = "'+ resource.v3_replacement.replace('"', '\\"') +'";\n';
parser += ', "'+ resource.v3_replacement.replace('"', '\\"') +'"';
}
}
parser += 'exports.'+ details.name +'['+ i +'] = parser;';
parser += ']';
// parser += 'exports.'+ details.name +'['+ i +'] = parser;';
results[details.resource].push(parser);

@@ -228,2 +227,4 @@ }

// TODO: consider getting rid of these checks - we either need to scan the REs for REDoS vulnerabilities
// ourselves OR consider uap-core to be trustworthy-enough. (The latter seems fine)
if (unsafe.length > 0) {

@@ -254,14 +255,13 @@ console.log('There are new regexps! Here they are, one per line:');

, exports.LEADER
, 'var parser;'
, 'exports.browser = Object.create(null);'
, results.user_agent_parsers.join('\n')
, 'exports.browser.length = '+ results.user_agent_parsers.length +';'
, 'exports.browser = ['
, results.user_agent_parsers.join(',\n')
, '];'
, 'exports.device = Object.create(null);'
, results.device_parsers.join('\n')
, 'exports.device.length = '+ results.device_parsers.length +';'
, 'exports.device = ['
, results.device_parsers.join(',\n')
, '];'
, 'exports.os = Object.create(null);'
, results.os_parsers.join('\n')
, 'exports.os.length = '+ results.os_parsers.length +';'
, 'exports.os = ['
, results.os_parsers.join(',\n')
, '];'
].join('\n\n');

@@ -268,0 +268,0 @@

2

package.json
{
"name": "useragent-ng",
"version": "2.4.2",
"version": "2.4.3",
"description": "Fast & effecient user agent string parser. Uses uap-core (Browserscope) data for parsing. Drop-in replacement for useragent",

@@ -5,0 +5,0 @@ "author": "Arnout Kazemier & Andrew Schmadel",

lib/regexps.js

Sorry, the diff of this file is too big to display