youtube-video
Advanced tools
Comparing version 2.1.0 to 2.2.0
34
index.js
var extend = require('extend'); | ||
var findall = require("findall"); | ||
var newElement = require('new-element'); | ||
@@ -26,3 +25,5 @@ var sdk = require('require-sdk')('https://www.youtube.com/iframe_api', 'YT'); | ||
sdk(function (error, youtube) { | ||
var playerVars = {}; | ||
var videoId = pickID(input), | ||
playerVars = {}, | ||
playlist; | ||
@@ -37,2 +38,12 @@ api = youtube; | ||
// If we don't have a video ID, check to see if `input` is a playlist. | ||
if (!videoId) { | ||
playlist = /(?:\?|&)list=([^&]+)/.exec(input); | ||
if (playlist) { | ||
playerVars.listType = playerVars.listType || 'playlist'; | ||
playerVars.list = playlist[1]; | ||
} | ||
} | ||
// Automatically cast any boolean values as integers. | ||
@@ -51,3 +62,3 @@ for (var i in playerVars) { | ||
playerVars: playerVars, | ||
videoId: pickID(input), | ||
videoId: videoId, | ||
events: { | ||
@@ -80,8 +91,19 @@ 'onReady': onPlayerReady, | ||
/** | ||
* Parse the video ID out of a string. | ||
* | ||
* @param {string} input - The input string, which could be a URL or a video ID. | ||
* @returns {string|null} Either the parsed video ID or NULL. | ||
*/ | ||
function pickID (input) { | ||
if (!/\./.test(input)) return input; | ||
var videoId; | ||
var match = findall(input, /(?:\?|&)v=([^&]+)/); | ||
// Return early if there's no ".", as it's clearly not a URL. | ||
if (!/\./.test(input)) { | ||
return input; | ||
} | ||
if (match) return match[0]; | ||
videoId = /(?:\?|&)v=([^&]+)/.exec(input); | ||
return videoId ? videoId[1] : null; | ||
} | ||
@@ -88,0 +110,0 @@ |
{ | ||
"name": "youtube-video", | ||
"version": "2.1.0", | ||
"version": "2.2.0", | ||
"description": "Minimalistic API to play Youtube videos", | ||
@@ -11,5 +11,4 @@ "main": "index.js", | ||
"extend": "^3.0.0", | ||
"findall": "0.0.4", | ||
"new-element": "0.0.1", | ||
"require-sdk": "0.0.0" | ||
"new-element": "azer/new-element", | ||
"require-sdk": "azer/require-sdk" | ||
}, | ||
@@ -16,0 +15,0 @@ "devDependencies": { |
GitHub dependency
Supply chain riskContains a dependency which resolves to a GitHub URL. Dependencies fetched from GitHub specifiers are not immutable can be used to inject untrusted code or reduce the likelihood of a reproducible install.
Found 2 instances in 1 package
Manifest confusion
Supply chain riskThis package has inconsistent metadata. This could be malicious or caused by an error when publishing the package.
Found 2 instances in 1 package
4559
3
94
2
2
- Removedfindall@0.0.4
- Removeddomify@1.0.0(transitive)
- Removedfindall@0.0.4(transitive)
- Removedload-script@2.0.0(transitive)
- Removednew-element@0.0.1(transitive)
- Removednew-format@0.0.1(transitive)
- Removedpubsub@0.0.5(transitive)
- Removedrequire-sdk@0.0.0(transitive)
Updatednew-element@azer/new-element
Updatedrequire-sdk@azer/require-sdk